fix(ci): trigger fuzz job on scheduled pipeline#599
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: cb28cf167a
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| aud: image-integrity | ||
| rules: | ||
| - if: $NIGHTLY_BUILD == "true" | ||
| - if: '$CI_PIPELINE_SOURCE == "schedule"' |
There was a problem hiding this comment.
When the existing image-update schedule runs with CHECK_IMAGE_UPDATES=true (see .gitlab-ci.yml:38), this broader rule also matches and runs fuzz_infra, which builds and pushes fuzz images and registers them with FuzzyDog. That turns non-fuzz scheduled maintenance pipelines into publishing/registration runs; please gate this on a fuzz-specific schedule variable or explicitly exclude the image-update schedule.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
pushed to make the condition - if: '$CI_PIPELINE_SOURCE == "schedule" && $RUN_FUZZ == "true"'
I'll need to create a new scheduled pipeline once merged
CI Test ResultsRun: #27747381628 | Commit:
Status Overview
Legend: ✅ passed | ❌ failed | ⚪ skipped | 🚫 cancelled Summary: Total: 32 | Passed: 32 | Failed: 0 Updated: 2026-06-18 08:56:14 UTC |
jbachorik
left a comment
jbachorik
left a comment
There was a problem hiding this comment.
✅ Sphinx review — no findings.
Avoid running fuzz_infra on non-fuzz scheduled maintenance pipelines (e.g. the image-update schedule with CHECK_IMAGE_UPDATES=true).
2 participants
I used the wrong variable in the previous PR, it should be on the schedueld pipeline and not the NIGHTLY_BUILD one.
Variable value coming from https://docs.gitlab.com/ci/jobs/job_rules/#ci_pipeline_source-predefined-variable
What does this PR do?:
Fix the scheduled fuzz test
Motivation:
Fuzz every night
Additional Notes:
How to test the change?:
For Datadog employees:
credentials of any kind, I've requested a security review (run the
dd:platform-security-reviewskill, or file a request via the PSEC review form).
bewairealso runs automatically on every PR.Unsure? Have a question? Request a review!