Build [ "rpm", "deb" ] Wazuh Indexer on [ "x64" ] | #244
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
run-name: Build ${{ inputs.distribution }} Wazuh Indexer on ${{ inputs.architecture }} | ${{ inputs.id }} | |
name: Build packages (on demand) | |
# This workflow runs when any of the following occur: | |
# - Run manually | |
# - Invoked from another workflow | |
on: | |
workflow_dispatch: | |
inputs: | |
revision: | |
description: "Revision" | |
type: string | |
default: "0" | |
upload: | |
description: "Upload ?" | |
type: boolean | |
default: false | |
is_stage: | |
description: "Is stage ?" | |
type: boolean | |
default: false | |
distribution: | |
description: '[ "tar", "rpm", "deb" ]' | |
type: string | |
default: '[ "rpm", "deb" ]' | |
architecture: | |
description: '[ "x64", "arm64" ]' | |
type: string | |
default: '[ "x64" ]' | |
checksum: | |
description: "Checksum ?" | |
type: boolean | |
default: false | |
id: | |
description: "ID used to identify the workflow uniquely." | |
type: string | |
required: false | |
workflow_call: | |
inputs: | |
revision: | |
description: "Revision" | |
type: string | |
default: "0" | |
upload: | |
description: "Upload ?" | |
type: boolean | |
default: false | |
is_stage: | |
description: "Is stage ?" | |
type: boolean | |
default: false | |
distribution: | |
description: '[ "tar", "rpm", "deb" ]' | |
type: string | |
default: '[ "rpm", "deb" ]' | |
architecture: | |
description: '[ "x64", "arm64" ]' | |
type: string | |
default: '[ "x64" ]' | |
checksum: | |
description: "Checksum ?" | |
type: boolean | |
default: false | |
id: | |
type: string | |
required: false | |
secrets: | |
CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY: | |
required: true | |
description: "AWS user access key" | |
CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY: | |
required: true | |
description: "AWS user secret key" | |
# ========================== | |
# Bibliography | |
# ========================== | |
# | |
# * Reusable workflows: limitations | |
# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations | |
# * Using matrix in reusable workflows: | |
# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-a-matrix-strategy-with-a-reusable-workflow | |
# * Reading input from the called workflow | |
# | https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs | |
# * Ternary operator | |
# | https://docs.github.com/en/actions/learn-github-actions/expressions#example | |
jobs: | |
matrix: | |
name: Set up matrix | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.setup.outputs.matrix }} | |
steps: | |
- id: setup | |
run: | | |
matrix=$(jq -cn \ | |
--argjson distribution '${{ inputs.distribution }}' \ | |
--argjson architecture '${{ inputs.architecture }}' \ | |
'{distribution: $distribution, architecture: $architecture}' | |
) | |
echo "matrix=$matrix" >> $GITHUB_OUTPUT | |
build: | |
needs: [matrix] | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJson(needs.matrix.outputs.matrix) }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 11 | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Provision | |
if: ${{ matrix.distribution == 'deb' }} | |
run: | | |
sudo bash packaging_scripts/provision.sh | |
- name: Run `baptizer.sh` (min) | |
run: | | |
name=$(bash packaging_scripts/baptizer.sh -m \ | |
-a ${{ matrix.architecture }} \ | |
-d ${{ matrix.distribution }} \ | |
-r ${{ inputs.revision }} \ | |
${{ inputs.is_stage && '-x' || '' }} \ | |
) | |
echo "name=$name" >> $GITHUB_OUTPUT | |
id: min_package | |
- name: Run `baptizer.sh` | |
run: | | |
name=$(bash packaging_scripts/baptizer.sh \ | |
-a ${{ matrix.architecture }} \ | |
-d ${{ matrix.distribution }} \ | |
-r ${{ inputs.revision }} \ | |
${{ inputs.is_stage && '-x' || '' }} \ | |
) | |
echo "name=$name" >> $GITHUB_OUTPUT | |
id: package | |
- name: Run `build.sh` | |
run: | | |
bash packaging_scripts/build.sh \ | |
-a ${{ matrix.architecture }} \ | |
-d ${{ matrix.distribution }} \ | |
-n ${{ steps.min_package.outputs.name }} | |
- name: Run `assemble.sh` | |
run: | | |
bash packaging_scripts/assemble.sh \ | |
-a ${{ matrix.architecture }} \ | |
-d ${{ matrix.distribution }} \ | |
-r ${{ inputs.revision }} | |
- name: Test RPM package | |
if: ${{ matrix.distribution == 'rpm' }} | |
uses: addnab/docker-run-action@v3 | |
with: | |
image: redhat/ubi9:latest | |
options: -v ${{ github.workspace }}/artifacts/dist:/artifacts/dist | |
run: | | |
yum localinstall "/artifacts/dist/${{ steps.package.outputs.name }}" -y | |
- name: Test DEB package | |
if: ${{ matrix.distribution == 'deb' }} | |
run: | | |
sudo dpkg -i "artifacts/dist/${{ steps.package.outputs.name }}" | |
- name: Upload artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ steps.package.outputs.name }} | |
path: artifacts/dist/${{ steps.package.outputs.name }} | |
if-no-files-found: error | |
- name: Set up AWS CLI | |
if: ${{ inputs.upload }} | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY }} | |
aws-secret-access-key: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY }} | |
aws-region: ${{ secrets.CI_AWS_REGION }} | |
- name: Upload package to S3 | |
if: ${{ inputs.upload }} | |
run: | | |
src="artifacts/dist/${{ steps.package.outputs.name }}" | |
dest="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/" | |
aws s3 cp "$src" "$dest" | |
s3uri="${dest}${{ steps.package.outputs.name }}" | |
echo "S3 URI: ${s3uri}" | |
- name: Upload checksum to S3 | |
if: ${{ inputs.upload && inputs.checksum }} | |
run: | | |
src="artifacts/dist/${{ steps.package.outputs.name }}.sha512" | |
dest="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/" | |
aws s3 cp "$src" "$dest" | |
s3uri="${dest}${{ steps.package.outputs.name }}.sha512" | |
echo "S3 sha512 URI: ${s3uri}" |