# Copyright 2025 syzkaller project authors. All rights reserved. # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. apiVersion: argoproj.io/v1alpha1 kind: Workflow metadata: generateName: series-workflow spec: entrypoint: main podGC: # Keep pods for 12 hours after completion. strategy: OnPodCompletion deleteDelayDuration: 12h ttlStrategy: # Keep finihed workflows for 12 hours after completion. secondsAfterCompletion: 43200 podMetadata: labels: tier: workflow arguments: parameters: - name: session-id value: "some-session-id" # TODO: there seems to be no way to pass env variables into the GC workflow. # Set ARGO_ARTIFACT_GC_ENABLED=0 for the local setup? # artifactGC: # strategy: OnWorkflowCompletion templates: - name: main # Note that failFast and parallelism only affect this template's steps. # Don't schedule new steps if any of the previous steps failed. failFast: true parallelism: 2 steps: - - name: run-triage templateRef: name: triage-step-template template: triage-step - - name: abort-on-skip-outcome template: exit-workflow when: "{{=jsonpath(steps['run-triage'].outputs.parameters.result, '$.skip_reason') != ''}}" - - name: run-process-fuzz template: process-fuzz arguments: parameters: - name: element value: "{{item}}" withParam: "{{=jsonpath(steps['run-triage'].outputs.parameters.result, '$.fuzz')}}" continueOn: failed: true - name: process-fuzz inputs: parameters: - name: element steps: - - name: save-base-req template: convert-artifact arguments: parameters: - name: data value: "{{=jsonpath(inputs.parameters.element, '$.base')}}" - - name: base-build templateRef: name: build-step-template template: build-step arguments: parameters: - name: test-name value: "[{{=jsonpath(inputs.parameters.element, '$.track')}}] Build Base" - name: session-id value: "{{workflow.parameters.session-id}}" artifacts: - name: request from: "{{steps.save-base-req.outputs.artifacts.artifact}}" - - name: abort-if-base-build-failed template: exit-workflow when: "{{=jsonpath(steps['base-build'].outputs.parameters.result, '$.success') == false}}" - - name: save-patched-req template: convert-artifact arguments: parameters: - name: data value: "{{=jsonpath(inputs.parameters.element, '$.patched')}}" - - name: boot-test-base templateRef: name: boot-step-template template: boot-step arguments: artifacts: - name: kernel from: "{{steps.base-build.outputs.artifacts.kernel}}" parameters: - name: config value: "{{=jsonpath(inputs.parameters.element, '$.config')}}" - name: base-build-id value: "{{=jsonpath(steps['base-build'].outputs.parameters.result, '$.build_id')}}" - name: test-name value: "[{{=jsonpath(inputs.parameters.element, '$.track')}}] Boot test: Base" - - name: abort-if-base-boot-failed template: exit-workflow when: "{{=jsonpath(steps['boot-test-base'].outputs.parameters.result, '$.success') == false}}" - - name: patched-build templateRef: name: build-step-template template: build-step arguments: parameters: - name: test-name value: "[{{=jsonpath(inputs.parameters.element, '$.track')}}] Build Patched" - name: findings value: "true" - name: session-id value: "{{workflow.parameters.session-id}}" artifacts: - name: request from: "{{steps.save-patched-req.outputs.artifacts.artifact}}" - - name: abort-if-patched-build-failed template: exit-workflow when: "{{=jsonpath(steps['patched-build'].outputs.parameters.result, '$.success') == false}}" - - name: boot-test-patched templateRef: name: boot-step-template template: boot-step arguments: artifacts: - name: kernel from: "{{steps.patched-build.outputs.artifacts.kernel}}" parameters: - name: config value: "{{=jsonpath(inputs.parameters.element, '$.config')}}" - name: patched-build-id value: "{{=jsonpath(steps['patched-build'].outputs.parameters.result, '$.build_id')}}" - name: report-findings value: "true" - name: test-name value: "[{{=jsonpath(inputs.parameters.element, '$.track')}}] Boot test: Patched" - - name: abort-if-patched-boot-failed template: exit-workflow when: "{{=jsonpath(steps['boot-test-patched'].outputs.parameters.result, '$.success') == false}}" - - name: save-fuzz-config template: convert-artifact arguments: parameters: - name: data value: "{{=jsonpath(inputs.parameters.element, '$')}}" - - name: fuzz templateRef: name: fuzz-step-template template: fuzz-step arguments: parameters: - name: patched-build-id value: "{{=jsonpath(steps['patched-build'].outputs.parameters.result, '$.build_id')}}" - name: base-build-id value: "{{=jsonpath(steps['base-build'].outputs.parameters.result, '$.build_id')}}" artifacts: - name: base-kernel from: "{{steps.base-build.outputs.artifacts.kernel}}" - name: patched-kernel from: "{{steps.patched-build.outputs.artifacts.kernel}}" - name: config from: "{{steps.save-fuzz-config.outputs.artifacts.artifact}}" - name: convert-artifact inputs: parameters: - name: data outputs: artifacts: - name: artifact path: /tmp/artifact container: image: alpine:latest command: [sh, -c] args: ["echo '{{inputs.parameters.data}}' > /tmp/artifact"] - name: exit-workflow inputs: parameters: - name: code value: 1 container: image: alpine:latest command: ['/bin/sh', '-c'] args: ["exit {{inputs.parameters.code}}"]