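run-name: Build ${{ inputs.distribution }} Wazuh Indexer on ${{ inputs.architecture }} | ${{ inputs.id }}
name: Build packages (on demand)

# This workflow runs when any of the following occur:
# - Run manually
# - Invoked from another workflow
#
# Both triggers declare the same inputs so the jobs can be written once.
# `distribution` and `architecture` are JSON arrays passed as strings; the
# `matrix` job parses them with jq to build the job matrix.
on:
  workflow_dispatch:
    inputs:
      revision:
        description: "Revision"
        type: string
        default: "0"
      upload:
        description: "Upload ?"
        type: boolean
        default: false
      is_stage:
        description: "Is stage ?"
        type: boolean
        default: false
      distribution:
        description: '[ "tar", "rpm", "deb" ]'
        type: string
        default: '[ "rpm", "deb" ]'
      architecture:
        description: '[ "x64", "arm64" ]'
        type: string
        default: '[ "x64" ]'
      checksum:
        description: "Checksum ?"
        type: boolean
        default: false
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
        required: false
      plugins_reference:
        description: "Branch, commit or tag for the plugins repository"
        type: string
        default: "master"
  workflow_call:
    inputs:
      revision:
        description: "Revision"
        type: string
        default: "0"
      upload:
        description: "Upload ?"
        type: boolean
        default: false
      is_stage:
        description: "Is stage ?"
        type: boolean
        default: false
      distribution:
        description: '[ "tar", "rpm", "deb" ]'
        type: string
        default: '[ "rpm", "deb" ]'
      architecture:
        description: '[ "x64", "arm64" ]'
        type: string
        default: '[ "x64" ]'
      checksum:
        description: "Checksum ?"
        type: boolean
        default: false
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
        required: false
      plugins_reference:
        description: "Branch, commit or tag for the plugins repository"
        type: string
        default: "master"
    secrets:
      CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY:
        required: true
        description: "AWS user access key"
      CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY:
        required: true
        description: "AWS user secret key"
      # Read by the AWS credentials step of the `build` job. Declared here so
      # a caller that passes secrets explicitly (rather than with
      # `secrets: inherit`) can supply it; optional to stay compatible with
      # existing callers.
      CI_AWS_REGION:
        required: false
        description: "AWS region"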
# ==========================
# Bibliography
# ==========================
#
# * Reusable workflows: limitations
# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
# * Using matrix in reusable workflows:
# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-a-matrix-strategy-with-a-reusable-workflow
# * Reading input from the called workflow
# | https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs
# * Ternary operator
# | https://docs.github.com/en/actions/learn-github-actions/expressions#example
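# Jobs:
#   matrix        - parses the JSON-array inputs into the build matrix.
#   build-plugins - builds the plugin zip from the plugins repository.
#   build         - builds, assembles, smoke-tests and optionally uploads
#                   one package per (distribution, architecture) pair.
#
# All inputs are read from the `inputs` context, which is populated for both
# `workflow_dispatch` and `workflow_call`. `github.event.inputs` is only the
# dispatch payload and carries booleans as strings, so the string 'false' is
# truthy in an `if:` or `&&` expression.
#
# Caller-controlled values reach shell scripts through `env:` and quoted
# shell variables instead of being expanded into the script text by
# `${{ }}`, so they are always treated as data by the shell.
#
# NOTE(review): every `uses:` below references a mutable tag (`@v3`, `@v4`).
# Pinning each action to a full commit SHA keeps a moved tag from changing
# the code that runs next to this workflow's secrets; this matters most for
# the third-party `addnab/docker-run-action`.
jobs:
  matrix:
    name: Set up matrix
    runs-on: ubuntu-latest
    # This job only runs jq and needs no token scopes.
    permissions: {}
    outputs:
      matrix: ${{ steps.setup.outputs.matrix }}
    steps:
      - id: setup
        env:
          DISTRIBUTION: ${{ inputs.distribution }}
          ARCHITECTURE: ${{ inputs.architecture }}
        # `--argjson` rejects anything that is not valid JSON, and the filter
        # only accepts arrays drawn from the values listed in the input
        # descriptions. The matrix values are later used as script arguments,
        # so they are constrained here, once, before any job consumes them.
        run: |
          matrix=$(jq -cn \
            --argjson distribution "$DISTRIBUTION" \
            --argjson architecture "$ARCHITECTURE" \
            'if (($distribution - ["tar", "rpm", "deb"]) | length) == 0
                and (($architecture - ["x64", "arm64"]) | length) == 0
             then {distribution: $distribution, architecture: $architecture}
             else error("unsupported distribution or architecture")
             end'
          )
          echo "matrix=$matrix" >> "$GITHUB_OUTPUT"

  build-plugins:
    if: ${{ inputs.plugins_reference }}
    strategy:
      fail-fast: false
      matrix:
        plugins: ["wazuh-indexer-setup"]
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          repository: wazuh/wazuh-indexer-plugins
          ref: ${{ inputs.plugins_reference }}
          # The Gradle build below runs code from a caller-chosen ref; do not
          # leave the job token in the checkout's git configuration.
          persist-credentials: false
      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: "21"
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4
      - name: Get version
        id: version
        run: echo "version=$(<VERSION)" >> "$GITHUB_OUTPUT"
      - name: Build with Gradle
        working-directory: ./plugins/${{ matrix.plugins }}
        env:
          PLUGIN_VERSION: ${{ steps.version.outputs.version }}
          BUILD_REVISION: ${{ inputs.revision }}
        run: |
          ./gradlew build -Dversion="$PLUGIN_VERSION" -Drevision="$BUILD_REVISION"
          ls -lR build/distributions/
      - name: Upload artifact
        uses: actions/upload-artifact@v4
        with:
          name: ${{ matrix.plugins }}
          path: "./plugins/${{ matrix.plugins }}/build/distributions/${{ matrix.plugins }}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip"
          if-no-files-found: error

  build:
    needs: [matrix, build-plugins]
    runs-on: ubuntu-latest
    permissions:
      contents: read
    strategy:
      fail-fast: false
      matrix: ${{ fromJson(needs.matrix.outputs.matrix) }}
    # Shared by every script step below; prefixed to avoid colliding with
    # variable names the build scripts may use themselves.
    env:
      BUILD_ARCH: ${{ matrix.architecture }}
      BUILD_DIST: ${{ matrix.distribution }}
      BUILD_REVISION: ${{ inputs.revision }}
    steps:
      - uses: actions/checkout@v4
      # Download plugins
      - uses: actions/download-artifact@v4
        with:
          path: ./artifacts/plugins
          merge-multiple: true
      - name: Display structure of downloaded files
        run: ls -lR ./artifacts/plugins
      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: "21"
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4
      - name: Provision
        if: ${{ matrix.distribution == 'deb' }}
        run: |
          sudo bash build-scripts/provision.sh
      # The `is_stage` expression can only expand to '-x' or the empty
      # string, so it is safe to leave inline.
      - name: Run `baptizer.sh` (min)
        id: min_package
        run: |
          name=$(bash build-scripts/baptizer.sh -m \
            -a "$BUILD_ARCH" \
            -d "$BUILD_DIST" \
            -r "$BUILD_REVISION" \
            ${{ inputs.is_stage && '-x' || '' }} \
          )
          echo "name=$name" >> "$GITHUB_OUTPUT"
      - name: Run `baptizer.sh`
        id: package
        run: |
          name=$(bash build-scripts/baptizer.sh \
            -a "$BUILD_ARCH" \
            -d "$BUILD_DIST" \
            -r "$BUILD_REVISION" \
            ${{ inputs.is_stage && '-x' || '' }} \
          )
          echo "name=$name" >> "$GITHUB_OUTPUT"
      - name: Run `build.sh`
        env:
          MIN_PACKAGE_NAME: ${{ steps.min_package.outputs.name }}
        run: |
          bash build-scripts/build.sh \
            -a "$BUILD_ARCH" \
            -d "$BUILD_DIST" \
            -n "$MIN_PACKAGE_NAME"
      - name: Run `assemble.sh`
        run: |
          bash build-scripts/assemble.sh \
            -a "$BUILD_ARCH" \
            -d "$BUILD_DIST" \
            -r "$BUILD_REVISION"
      # NOTE(review): this step combines a third-party action on a mutable
      # tag with a `latest` base image, so neither is reproducible; consider
      # pinning the action to a commit SHA and the image to a digest. The
      # package name is still expanded into the `run` input here because the
      # script executes inside the container, not in the step's shell.
      - name: Test RPM package
        if: ${{ matrix.distribution == 'rpm' }}
        uses: addnab/docker-run-action@v3
        with:
          image: redhat/ubi9:latest
          options: -v ${{ github.workspace }}/artifacts/dist:/artifacts/dist
          run: |
            yum localinstall "/artifacts/dist/${{ steps.package.outputs.name }}" -y
      - name: Test DEB package
        if: ${{ matrix.distribution == 'deb' }}
        env:
          PACKAGE_NAME: ${{ steps.package.outputs.name }}
        run: |
          sudo dpkg -i "artifacts/dist/${PACKAGE_NAME}"
      - name: Upload artifact
        uses: actions/upload-artifact@v4
        with:
          name: ${{ steps.package.outputs.name }}
          path: artifacts/dist/${{ steps.package.outputs.name }}
          if-no-files-found: error
      # `inputs.upload` is a real boolean, so the credential and upload steps
      # are skipped when upload is false.
      # NOTE(review): these are long-lived IAM user keys. The action also
      # supports assuming a role through GitHub OIDC (`role-to-assume`), which
      # would remove the stored secret; that needs `id-token: write` on this
      # job.
      - name: Set up AWS CLI
        if: ${{ inputs.upload }}
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY }}
          aws-region: ${{ secrets.CI_AWS_REGION }}
      - name: Upload package to S3
        if: ${{ inputs.upload }}
        env:
          PACKAGE_NAME: ${{ steps.package.outputs.name }}
        run: |
          src="artifacts/dist/${PACKAGE_NAME}"
          dest="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/"
          aws s3 cp "$src" "$dest"
          s3uri="${dest}${PACKAGE_NAME}"
          echo "S3 URI: ${s3uri}"
      - name: Upload checksum to S3
        if: ${{ inputs.upload && inputs.checksum }}
        env:
          PACKAGE_NAME: ${{ steps.package.outputs.name }}
        run: |
          src="artifacts/dist/${PACKAGE_NAME}.sha512"
          dest="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/"
          aws s3 cp "$src" "$dest"
          s3uri="${dest}${PACKAGE_NAME}.sha512"
          echo "S3 sha512 URI: ${s3uri}"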