Running a Job

Prerequisites

What is a Job?

A job is part of a job-request executing tests in a workflow on a Device Under Test (DUT) with a matching label. Results are reported to your FirmwareCI dashboard. When integrations like the GitHub App are enabled, results also appear on the relevant commit or pull request.

Each job requires two inputs:

  1. Workflow: Defines which tests to run
  2. Binaries: Maps template keys to file paths (e.g., BINARY=~/Downloads/coreboot.rom or OS_IMAGE=~/Downloads/ubuntu.img)

The template keys correspond to variables in your test files, allowing you to specify which binaries are used during test execution. You can run all tests in a workflow or select a subset.

Job Triggers

We offer three different methods to trigger a job:

  1. Command-Line Interface: Using the fwci job or fwci exec commands.

    By default fwci job auto-follows the submitted request: it uploads the binary, creates the job request, and then streams live output until all jobs reach a terminal state. Pass --no-follow to submit and exit immediately.

    • Interactive Mode: This mode prompts you to select the workflow and specify whether to run all tests or only a subset. If only one workflow is available, it will be automatically selected.

      # Login using your credentials
$ fwci login <email> <password>

# Start a job
$ fwci job Binary=~/Downloads/my-rom.rom

Selected workflow: fwci-crystal-core
Do you want to select partial tests to be run? (y/n): n
Selected all tests

Uploading binaries. This may take a while...
  Binary (1/1)          [β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ] 100%  64.00 MB  0:11

Successfully started
Request ID: 01KPDF6MT63NM59NEPXVG66X62
Waiting for jobs to start…

Workflow fwci-crystal-core
JOB ID                       TEST                   STATUS    DURATION
01KPDF6MTCRATNF7JH4ARQT7GH   Web: Interface Access  running   44s
01KPDF6MTNKJ6GBVY6Y6STT69Y   User: Session Mgmt     queued
…
polling: 0/12 done  β€’  refreshing every 3s

    • Non-Interactive Mode: The CLI can also operate non-interactively by providing the workflow name as the second argument:

      $ fwci job Binary=~/Downloads/coreboot.rom -w fwci-crystal-core --no-partial-tests

      Caution: You might be required to provide the project-name as well, if the workflow-name is not unique across projects.

    • CI / Scripted Mode: For pipelines, combine --no-follow with --no-partial-tests so the CLI submits and exits without any interaction:

      $ fwci job Binary=./coreboot.rom -w fwci-crystal-core --no-partial-tests --no-follow
Submitted job request: 01KPDF6MT63NM59NEPXVG66X62

      Or capture a machine-readable completion report with --json:

      $ fwci job Binary=./coreboot.rom -w fwci-crystal-core --no-partial-tests --json > report.json

Viewing and Inspecting Jobs

Once a request has been submitted you can always come back to it:

CommandWhat it does
fwci request <REQUEST_ID>Snapshot of all jobs in a request (table).
fwci request <REQUEST_ID> --watchLive-updating table until every job is terminal. Use --interval 10s for a slower refresh.
fwci view <JOB_ID>Stream live logs of a single job, or show the compact report if it already finished. Succeeded steps collapse to a one-liner; failed/aborted steps keep full logs.
fwci view <JOB_ID> --longFull report: every step emits its log box, including succeeded ones.
fwci view <JOB_ID> --jsonEmit a single JSON report to stdout on completion. Succeeded steps drop their logs; combine with --long to include them.

While a job is queued, fwci view shows the full request table live so you can see queue position; once the job actually starts it switches to log streaming automatically.

Ad-hoc Tests (fwci exec)

fwci exec submits one or more test YAML files on-the-fly, without committing them to the workflow. Useful for iterating on a new test locally.

You can pass individual test files, multiple files, or entire directories. When a directory is provided, it is scanned recursively for .yml/.yaml files that match the test schema β€” non-test files (e.g. dut.yaml, workflow.yaml) are automatically skipped.

# Run a single test file
$ fwci exec ./tests/boot.yaml -w fwci-crystal-core -b Binary=./coreboot.rom

# Run multiple test files
$ fwci exec test1.yaml test2.yaml -w fwci-crystal-core -b Binary=./coreboot.rom

# Run every test in a directory (recursive)
$ fwci exec ./tests/ -w fwci-crystal-core -b Binary=./coreboot.rom

# Multiple binaries
$ fwci exec ./tests/ -w fwci-crystal-core -b Binary=./coreboot.rom -b Data=./data.bin

# Submit and exit (for CI)
$ fwci exec ./tests/boot.yaml -w fwci-crystal-core --no-follow
FlagDescription
-wWorkflow name. If omitted, a workflow can be selected interactively.
-pProject name. Required when the workflow name is not unique across projects.
-bBinary mapping as key=path. Repeat for multiple binaries.

Follows by default (same --no-follow / --json / --long flags as fwci job).

Tests submitted via fwci exec appear on the FirmwareCI dashboard as OneShot triggers and are not associated with any VCS commit.

  1. Integrations: Integration with version control systems (GitHub or GitLab).

    Getting Your User/Org Token:

    The TOKEN is required for all CI/CD integrations. To obtain it:

    1. Log in to the FirmwareCI web UI
    2. Navigate to your profile
    3. Click the tokens tab inside the profile page
    4. Create a new user token or ask you administrator if an org token is required.
    5. Use this Token in your CI/CD configuration (see examples below)

    Referencing Your Workflow:

    Every CI/CD integration requires you to identify which workflow to run. There are two ways to do this β€” use whichever fits your setup best:

    VariableDescription
    WORKFLOW_NAMERecommended. The human-readable name of the workflow (e.g. coreboot-tests). Easy to read in CI configs. The name must match exactly and be unique within the project.
    WORKFLOW_ID(Deprecated β€” still supported.) The internal ULID of the workflow. Does not change when the workflow is renamed, but makes CI configs harder to read and requires copying the ID from the UI.

    WORKFLOW_ID and WORKFLOW_NAME are mutually exclusive β€” set exactly one.

    Getting Your Workflow Name:

    1. Log in to the FirmwareCI web UI
    2. Navigate to your workflow
    3. The name shown in the header is the value to use for WORKFLOW_NAME

    • GitHub Action:

      - name: Upload to FirmwareCI
  uses: docker://firmwareci/action:v5.2
  with:
    TOKEN: "${{ secrets.FWCI_TOKEN }}"
    # EMAIL: ${{ secrets.FWCI_EMAIL }}
    # PASSWORD: ${{ secrets.FWCI_PASSWORD }}

    WORKFLOW_NAME: "coreboot-tests"
    # WORKFLOW_ID: "${{ secrets.FWCI_WORKFLOW_ID }}"  # deprecated, still supported

    BINARIES: BINARY=./coreboot.rom
    # GITHUB_INSTALLATION_ID: 12345678 (only required if it differs from the integration source)

    • GitLab CI/CD:

      # Push binary artifacts to FirmwareCI
push_firmwareci:
  stage: push_firmwareci
  needs:
    - job: build_coreboot

  image: firmwareci/action:v5.2
  variables:
    TOKEN: $FWCI_TOKEN
    # EMAIL: $FWCI_EMAIL
    # PASSWORD: $FWCI_PASSWORD

    WORKFLOW_NAME: "coreboot-tests"
    # WORKFLOW_ID: $FWCI_WORKFLOW_ID  # deprecated, still supported

    # GITLAB_TOKEN: $FWCI_GITLAB_TOKEN  # required for back-reporting; can be omitted if already stored via `fwci integration --gitlab-auth`
    BINARIES: BINARY=/builds/$CI_PROJECT_PATH/build/coreboot.rom;Data=/builds/$CI_PROJECT_PATH/build/data
  script:
    - /bin/action

    • Gerrit CI/CD: Please refer to Gerrit Integration Guide.

Cross-Repository Workflow Configuration

By default, the action resolves the workflow by looking up the project that matches the repository where the CI pipeline runs. This works well when the FirmwareCI configuration (.firmwareci/) lives in the same repository as the triggering pipeline.

However, a common pattern is to keep FirmwareCI configuration in a dedicated infrastructure repository (e.g. my-org/firmware-tests) while triggering jobs from a product repository (e.g. my-org/my-product). In this case the action cannot find the workflow automatically, because the trigger repository does not have a matching FirmwareCI project.

Use PROJECT_LINK to tell the action which project to look up the workflow in.

Getting Your PROJECT_LINK:

  1. Log in to the FirmwareCI web UI
  2. Navigate to the Workflows page
  3. Find the project that contains your workflow β€” the value to use (in instance/org/repo format) is shown next to the project name and can be copied with the button beside it
Value formatWhen to use
github.com/org/repoFirmwareCI config is on GitHub (works from any CI platform)
gitlab.com/namespace/nameFirmwareCI config is on GitLab.com (works from any CI platform)
custom.host/namespace/nameFirmwareCI config is on a self-hosted GitLab instance (no https:// required)
https://custom.host/namespace/nameSame as above, with explicit scheme
org/repoShorthand: infers the platform from the CI environment (GitHub β†’ GitHub, GitLab β†’ GitLab.com)

PROJECT_LINK only affects workflow resolution. Back-reporting (commit statuses, PR checks) always targets the repository that triggered the pipeline β€” this is unchanged.

Token Requirements

When using PROJECT_LINK, verify that all tokens have the required scopes for both the trigger repository and the project referenced by PROJECT_LINK:

GitHub:

  • The FirmwareCI GitHub App must be installed in the organization that owns the workflow project (i.e. my-org in my-org/firmware-tests), not just the trigger repository.
  • The GITHUB_INSTALLATION_ID must correspond to the installation in the workflow project’s organization. Set it explicitly if the trigger repo and the workflow project belong to different organizations.

GitLab:

  • The GITLAB_TOKEN (or the token stored in the FirmwareCI integration) must have at least read_repository scope on the repository specified in PROJECT_LINK.
  • For self-hosted instances (https://gitlab.example.com/...), ensure the token is valid for that instance and not scoped to a different GitLab URL.

Example β€” GitHub Action, config in a different GitHub repo:

- name: Upload to FirmwareCI
  uses: docker://firmwareci/action:v5.2
  with:
    TOKEN: "${{ secrets.FWCI_TOKEN }}"
    WORKFLOW_NAME: "coreboot-tests"
    PROJECT_LINK: "github.com/my-org/firmware-tests"
    BINARIES: BINARY=./coreboot.rom

Example β€” GitLab CI/CD, config on a self-hosted GitLab instance:

push_firmwareci:
  stage: push_firmwareci
  image: firmwareci/action:v5.2
  variables:
    TOKEN: $FWCI_TOKEN
    WORKFLOW_NAME: "coreboot-tests"
    PROJECT_LINK: "gitlab.example.com/my-group/firmware-tests"
    BINARIES: BINARY=/builds/$CI_PROJECT_PATH/build/coreboot.rom
  script:
    - /bin/action

Example β€” GitLab CI/CD, referencing a GitHub project:

push_firmwareci:
  stage: push_firmwareci
  image: firmwareci/action:v5.2
  variables:
    TOKEN: $FWCI_TOKEN
    WORKFLOW_NAME: "coreboot-tests"
    PROJECT_LINK: "github.com/my-org/firmware-tests"
    BINARIES: BINARY=/builds/$CI_PROJECT_PATH/build/coreboot.rom
  script:
    - /bin/action
  1. REST API: Making HTTP requests to trigger jobs. For further information, refer to FirmwareCI API Documentation.

Backreporting

Backreporting ensures that test results from FirmwareCI are automatically communicated back to your version control system. We support backreporting for both GitHub, GitLab & Gerrit. Jobs can be initiated from any repository, not limited to the integration source, allowing you to trigger tests across platforms (e.g., GitHub and GitLab).

GitHub Backreporting

For GitHub, FirmwareCI provides an official GitHub App that can be installed in your repository. This app automatically reports:

  • Pull Requests: Adds test result comments directly on the PR.
  • Default Branch Commits: Updates the commit status with test results.

Installation & Setup

  1. Install the FirmwareCI GitHub App.
  2. Grant it access to the repositories where you want backreporting enabled.
  3. Once a job is triggered through the CI, it will report back into this repository.

GitLab Backreporting

For GitLab, users need to manually provide an access token for FirmwareCI to authenticate and post test results. The results are reported as:

  • Commit Comments: Test status is added as a comment and status to the commit.
  • Merge Requests: Adds results as a comment and status on the MR.

Setup Instructions

  1. Create a Gitlab access token (select one method):

    Option 1: User Access Token

    • Navigate to your Gitlab account settings
    • Select “Access Tokens” in the left navigation panel

    Gitlab Access Tokens Gitlab Access Tokens

    • Generate a new token with the required scopes: api, read_repository

    Option 2: Project Access Token

    • Access your Gitlab project repository
    • Navigate to Settings > Access Tokens

    Gitlab Project Access Token Setting Gitlab Project Access Token Setting

    • Create a project access token with minimum developer role permissions and both api and read_repository scopes

    Gitlab Project Access Token Creation Gitlab Project Access Token Creation

    • Integrate the repository using the following command:
    fwci integration --gitlab-auth="YOUR_ACCESS_TOKEN"

  2. Visit the webpage of your project.

  3. Scroll down to the Webhook Settings.

    Project Tab Project Tab

  4. Add the webhook as shown and save.

Note: The secret token for the webhook will be provided upon request. Please contact the FirmwareCI team to obtain your specific webhook token.

Webhook Settings Webhook Settings

Default-Webhook-URL:

   https://api.firmwareci.9esec.dev:8443

Gerrit Backreporting

Please refer to Gerrit Integration Guide.

Linking Back to Job Triggers

For details on how to trigger a job, refer to the Job Triggers section.