Build [ "rpm", "deb" ] Wazuh Indexer on [ "x64" ] | testy-test-test #228
# Title shown for each run in the Actions list; assembled from the run's inputs.
run-name: 'Build ${{ inputs.distribution }} Wazuh Indexer on ${{ inputs.architecture }} | ${{ inputs.id }}'
# Workflow name shown in the Actions sidebar.
name: 'Build packages (on demand)'
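# This workflow runs when any of the following occur:
# - Run manually (workflow_dispatch)
# - Invoked from another workflow (workflow_call)
#
# Both triggers declare the same inputs so the jobs can read them through the
# `inputs` context regardless of how the run was started.
# `distribution` and `architecture` are JSON arrays passed as strings; the
# `matrix` job parses them with jq before they are used as a build matrix.
on:
  workflow_dispatch:
    inputs:
      revision:
        description: "Revision"
        type: string
        default: "0"
      upload:
        description: "Upload ?"
        type: boolean
        default: false
      is_stage:
        description: "Is stage ?"
        type: boolean
        default: false
      distribution:
        description: '[ "tar", "rpm", "deb" ]'
        type: string
        default: '[ "rpm", "deb" ]'
      architecture:
        description: '[ "x64", "arm64" ]'
        type: string
        default: '[ "x64" ]'
      checksum:
        description: "Checksum ?"
        type: boolean
        default: false
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
        required: false
      build_plugins:
        description: "Build plugins ?"
        type: boolean
        default: true
      plugins_reference:
        description: "Branch, commit or tag for the plugins repository"
        type: string
        default: "master"
  workflow_call:
    inputs:
      revision:
        description: "Revision"
        type: string
        default: "0"
      upload:
        description: "Upload ?"
        type: boolean
        default: false
      is_stage:
        description: "Is stage ?"
        type: boolean
        default: false
      distribution:
        description: '[ "tar", "rpm", "deb" ]'
        type: string
        default: '[ "rpm", "deb" ]'
      architecture:
        description: '[ "x64", "arm64" ]'
        type: string
        default: '[ "x64" ]'
      checksum:
        description: "Checksum ?"
        type: boolean
        default: false
      id:
        # Same description as the workflow_dispatch input of the same name.
        description: "ID used to identify the workflow uniquely."
        type: string
        required: false
      build_plugins:
        description: "Build plugins ?"
        type: boolean
        default: true
      plugins_reference:
        description: "Branch, commit or tag for the plugins repository"
        type: string
        default: "master"
    secrets:
      CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY:
        required: true
        description: "AWS user access key"
      CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY:
        required: true
        description: "AWS user secret key"
      # The build job reads secrets.CI_AWS_REGION. A called workflow only
      # receives the secrets it declares (unless the caller uses
      # `secrets: inherit`), so it is declared here. Optional, so existing
      # callers keep working.
      CI_AWS_REGION:
        required: false
        description: "AWS region"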
# ==========================
# Bibliography
# ==========================
#
# * Reusable workflows: limitations
#   | https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
# * Using matrix in reusable workflows:
#   | https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-a-matrix-strategy-with-a-reusable-workflow
# * Reading input from the called workflow
#   | https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs
# * Ternary operator
#   | https://docs.github.com/en/actions/learn-github-actions/expressions#example
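# Job graph: `matrix` parses the JSON inputs, `build-plugins` builds the plugin
# zips, and `build` (one run per distribution/architecture pair) builds, tests
# and optionally uploads the packages.
#
# Conventions used below:
# - Inputs are read from the `inputs` context, not `github.event.inputs`.
#   `inputs` keeps booleans as booleans (in `github.event.inputs` they are the
#   strings 'true'/'false', and a non-empty string is truthy in `if:`), and it
#   is the context populated when the run is started through workflow_call.
# - Caller-controlled values reach `run:` scripts through `env:` and are
#   expanded by the shell as quoted variables. Interpolating `${{ ... }}`
#   directly into a script pastes the value into the script text before the
#   shell parses it.
# - Each job declares the minimum GITHUB_TOKEN permissions it needs.
#
# NOTE(review): actions are referenced by mutable tags (`@v4`, `@v3`) and the
# RPM test image by `:latest`. Pinning them to a full commit SHA / image digest
# would make the build inputs immutable.
jobs:
  # Builds the matrix object consumed by the `build` job.
  matrix:
    name: Set up matrix
    runs-on: ubuntu-latest
    # This job touches neither the repository nor the API.
    permissions: {}
    outputs:
      matrix: ${{ steps.setup.outputs.matrix }}
    steps:
      - id: setup
        env:
          DISTRIBUTION: ${{ inputs.distribution }}
          ARCHITECTURE: ${{ inputs.architecture }}
        # --argjson rejects anything that is not valid JSON, so a malformed
        # input fails the step here. `-c` keeps the result on a single line,
        # which the key=value format of GITHUB_OUTPUT requires.
        run: |
          matrix=$(jq -cn \
            --argjson distribution "$DISTRIBUTION" \
            --argjson architecture "$ARCHITECTURE" \
            '{distribution: $distribution, architecture: $architecture}'
          )
          echo "matrix=$matrix" >> "$GITHUB_OUTPUT"

  # Builds each plugin from wazuh/wazuh-indexer-plugins and publishes the zip
  # as a workflow artifact.
  build-plugins:
    strategy:
      fail-fast: false
      matrix:
        plugins: ["wazuh-indexer-setup"]
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          repository: wazuh/wazuh-indexer-plugins
          ref: ${{ inputs.plugins_reference }}

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: "21"

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4

      # Reads the VERSION file of the checked-out plugins repository.
      - name: Get version
        id: version
        run: echo "version=$(<VERSION)" >> "$GITHUB_OUTPUT"

      - name: Build with Gradle
        working-directory: ./plugins/${{ matrix.plugins }}
        env:
          VERSION: ${{ steps.version.outputs.version }}
          REVISION: ${{ inputs.revision }}
        run: |
          ./gradlew build -Dversion="$VERSION" -Drevision="$REVISION"
          ls -lR build/distributions/

      # - name: Publish to Maven local
      #   working-directory: ./plugins/${{ matrix.plugins }}
      #   env:
      #     VERSION: ${{ steps.version.outputs.version }}
      #     REVISION: ${{ inputs.revision }}
      #   run: |
      #     ./gradlew publishToMavenLocal -Dversion="$VERSION" -Drevision="$REVISION"
      #     ls -lR "${HOME}/.m2/repository/org/wazuh/"

      - name: Upload artifact
        uses: actions/upload-artifact@v4
        with:
          name: ${{ matrix.plugins }}
          path: "./plugins/${{ matrix.plugins }}/build/distributions/${{ matrix.plugins }}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip"
          if-no-files-found: error

  # Builds, assembles, smoke-tests and (optionally) uploads one package per
  # distribution/architecture combination.
  build:
    needs: [matrix, build-plugins]
    runs-on: ubuntu-latest
    permissions:
      contents: read
    strategy:
      fail-fast: false
      matrix: ${{ fromJson(needs.matrix.outputs.matrix) }}
    # matrix.* values originate from the caller-supplied JSON inputs, so the
    # scripts below read them from the environment like any other input.
    env:
      ARCHITECTURE: ${{ matrix.architecture }}
      DISTRIBUTION: ${{ matrix.distribution }}
      REVISION: ${{ inputs.revision }}
      # '-x' when is_stage is true, empty otherwise.
      STAGE_FLAG: ${{ inputs.is_stage && '-x' || '' }}
    steps:
      - uses: actions/checkout@v4

      # Download plugins (every artifact of this run, merged into one folder)
      - uses: actions/download-artifact@v4
        with:
          path: ./artifacts/plugins
          merge-multiple: true

      - name: Display structure of downloaded files
        run: ls -lR ./artifacts/plugins

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: "21"

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4

      - name: Provision
        if: ${{ matrix.distribution == 'deb' }}
        run: |
          sudo bash packaging_scripts/provision.sh

      # ${STAGE_FLAG:+...} expands to nothing when the flag is empty, so no
      # empty argument is handed to the script.
      - name: Run `baptizer.sh` (min)
        id: min_package
        run: |
          name=$(bash packaging_scripts/baptizer.sh -m \
            -a "$ARCHITECTURE" \
            -d "$DISTRIBUTION" \
            -r "$REVISION" \
            ${STAGE_FLAG:+"$STAGE_FLAG"}
          )
          echo "name=$name" >> "$GITHUB_OUTPUT"

      - name: Run `baptizer.sh`
        id: package
        run: |
          name=$(bash packaging_scripts/baptizer.sh \
            -a "$ARCHITECTURE" \
            -d "$DISTRIBUTION" \
            -r "$REVISION" \
            ${STAGE_FLAG:+"$STAGE_FLAG"}
          )
          echo "name=$name" >> "$GITHUB_OUTPUT"

      - name: Run `build.sh`
        env:
          MIN_PACKAGE_NAME: ${{ steps.min_package.outputs.name }}
        run: |
          bash packaging_scripts/build.sh \
            -a "$ARCHITECTURE" \
            -d "$DISTRIBUTION" \
            -n "$MIN_PACKAGE_NAME"

      - name: Run `assemble.sh`
        run: |
          bash packaging_scripts/assemble.sh \
            -a "$ARCHITECTURE" \
            -d "$DISTRIBUTION" \
            -r "$REVISION"

      # The script below runs inside the container, where the job's env is not
      # available, so the package name is still interpolated by the runner.
      - name: Test RPM package
        if: ${{ matrix.distribution == 'rpm' }}
        uses: addnab/docker-run-action@v3
        with:
          image: redhat/ubi9:latest
          options: -v ${{ github.workspace }}/artifacts/dist:/artifacts/dist
          run: |
            yum localinstall "/artifacts/dist/${{ steps.package.outputs.name }}" -y

      - name: Test DEB package
        if: ${{ matrix.distribution == 'deb' }}
        env:
          PACKAGE_NAME: ${{ steps.package.outputs.name }}
        run: |
          sudo dpkg -i "artifacts/dist/${PACKAGE_NAME}"

      - name: Upload artifact
        uses: actions/upload-artifact@v4
        with:
          name: ${{ steps.package.outputs.name }}
          path: artifacts/dist/${{ steps.package.outputs.name }}
          if-no-files-found: error

      # `inputs.upload` is a real boolean. The string form found in
      # `github.event.inputs` would make this condition true even for 'false'.
      # NOTE(review): these are long-lived access keys; short-lived credentials
      # through the action's `role-to-assume` (OIDC) would limit the impact of
      # a leaked secret.
      - name: Set up AWS CLI
        if: ${{ inputs.upload }}
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY }}
          aws-region: ${{ secrets.CI_AWS_REGION }}

      - name: Upload package to S3
        if: ${{ inputs.upload }}
        env:
          PACKAGE_NAME: ${{ steps.package.outputs.name }}
        run: |
          src="artifacts/dist/${PACKAGE_NAME}"
          dest="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/"
          aws s3 cp "$src" "$dest"
          s3uri="${dest}${PACKAGE_NAME}"
          echo "S3 URI: ${s3uri}"

      - name: Upload checksum to S3
        if: ${{ inputs.upload && inputs.checksum }}
        env:
          PACKAGE_NAME: ${{ steps.package.outputs.name }}
        run: |
          src="artifacts/dist/${PACKAGE_NAME}.sha512"
          dest="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/"
          aws s3 cp "$src" "$dest"
          s3uri="${dest}${PACKAGE_NAME}.sha512"
          echo "S3 sha512 URI: ${s3uri}"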