wazuh · f-galland · Jan 9, 2024 · Jan 9, 2024 · Jan 9, 2024 · Jan 9, 2024
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -36,7 +36,7 @@ jobs:
     with:
       architecture: ${{ matrix.architecture }}
       distribution: ${{ matrix.distribution }}
-      name: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
+      revision: ${{ inputs.revision }}
       # wazuh-indexer-min_4.8.0-rc1_x64_ff98475f.deb
       # TODO arm64 != amd64 (deb), x64 != x86_64 (rpm)
       # TODO use short SHA https://stackoverflow.com/a/59819441/13918537
@@ -56,5 +56,4 @@ jobs:
     with:
       architecture: ${{ matrix.architecture }}
       distribution: ${{ matrix.distribution }}
-      min: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
-      name: wazuh-indexer_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
+      min: ${{ needs.build.outputs.artifact_name }}
diff --git a/.github/workflows/r_assemble.yml b/.github/workflows/r_assemble.yml
@@ -19,10 +19,6 @@ on:
         description: The name of the package to download.
         required: true
         type: string
-      name:
-        description: The name of the package to upload.
-        required: true
-        type: string
 
 jobs:
   r_assemble:
@@ -57,6 +53,6 @@ jobs:
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:
-          name: ${{ inputs.name }}
+          name: ${{ steps.get_name.outputs.name }}
           path: artifacts/dist/${{ steps.get_name.outputs.name }}
           if-no-files-found: error
diff --git a/.github/workflows/r_build.yml b/.github/workflows/r_build.yml
@@ -15,8 +15,12 @@ on:
         default: "x64"
         required: false
         type: string
-      name:
+      revision:
         type: string
+    outputs:
+      artifact_name:
+        description: "Returns the build artifact's filename"
+        value: ${{ jobs.r_build.outputs.get_name.name }}
 
 jobs:
   r_build:
@@ -37,17 +41,17 @@ jobs:
 
       - name: Run `build.sh`
         run: |
-          bash scripts/build.sh -v ${{ vars.OPENSEARCH_VERSION }} -s false -p linux -a ${{ inputs.architecture }} -d ${{ inputs.distribution }}
+          bash scripts/build.sh -v ${{ vars.OPENSEARCH_VERSION }} -s false -p linux -a ${{ inputs.architecture }} -d ${{ inputs.distribution }} -r ${{ inputs.revision }}
 
-      # The package's name is stored in artifacts/artifact_name.txt.
+      # The package's name is stored in artifacts/artifact_min_name.txt.
       - name: Set package name
         id: get_name
         run: |
-          echo "name=$(cat artifacts/artifact_name.txt)" >> $GITHUB_OUTPUT
+          echo "name=$(cat artifacts/artifact_min_name.txt)" >> $GITHUB_OUTPUT
 
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:
-          name: ${{ inputs.name }}
+          name: ${{ steps.get_name.outputs.name }}
           path: artifacts/dist/${{ steps.get_name.outputs.name }}
           if-no-files-found: error
diff --git a/docker/images/wi-dev.Dockerfile b/docker/images/wi-dev.Dockerfile
@@ -6,11 +6,13 @@ RUN gradle clean
 
 
 FROM eclipse-temurin:17-jdk-alpine
-RUN addgroup -g 1000 wazuh-indexer && \
+RUN apk add git && \
+    addgroup -g 1000 wazuh-indexer && \
     adduser -u 1000 -G wazuh-indexer -D -h /home/wazuh-indexer wazuh-indexer && \
     chmod 0775 /home/wazuh-indexer && \
     chown -R 1000:0 /home/wazuh-indexer
 USER wazuh-indexer
 COPY --from=builder --chown=1000:0 /home/wazuh-indexer/app /home/wazuh-indexer/app
 WORKDIR /home/wazuh-indexer/app
+RUN git config --global --add safe.directory /home/wazuh-indexer/app
 EXPOSE 9200 9300
diff --git a/scripts/assemble.sh b/scripts/assemble.sh
@@ -165,6 +165,30 @@ function add_configuration_files() {
     find . -name "*.bat" -exec rm -rf {} \;
 }
 
+# ====
+# Remove unneeded files
+# ====
+function remove_unneeded_files() {
+		rm $PATH_PLUGINS/opensearch-security/tools/install_demo_configuration.sh
+}
+
+# ====
+# Set up configuration files
+# ====
+function add_configuration_files() {
+    # swap configuration files
+    cp $PATH_CONF/security/* $PATH_CONF/opensearch-security/
+    cp $PATH_CONF/jvm.prod.options $PATH_CONF/jvm.options
+    cp $PATH_CONF/opensearch.prod.yml $PATH_CONF/opensearch.yml
+
+    rm -r $PATH_CONF/security
+    rm $PATH_CONF/jvm.prod.options $PATH_CONF/opensearch.prod.yml
+
+    # Remove symbolic links and bat files
+    find . -type l -exec rm -rf {} \;
+    find . -name "*.bat" -exec rm -rf {} \;
+}
+
 # ====
 # Copy performance analyzer service file
 # ====
@@ -202,7 +226,7 @@ function clean() {
     rm -r "${OUTPUT}/tmp"
     echo "After execution, shell path is $(pwd)"
     # Store package's name to file. Used by GH Action.
-    echo "${package_name}" >"${OUTPUT}/artifact_name.txt"
+    echo "${ARTIFACT_PACKAGE_NAME}" >"${OUTPUT}/artifact_name.txt"
 }
 
 # ====
@@ -212,6 +236,7 @@ function assemble_tar() {
     cd "${TMP_DIR}"
     PATH_CONF="./config"
     PATH_BIN="./bin"
+    PATH_BIN="./plugins"
 
     # Extract
     echo "Extract ${ARTIFACT_BUILD_NAME} archive"
@@ -223,12 +248,14 @@ function assemble_tar() {
     # Swap configuration files
     add_configuration_files
 
+		remove_unneeded_files
+
     # Pack
     archive_name="wazuh-indexer-$(cat VERSION)"
     cd ..
     tar -cvf "${archive_name}-${SUFFIX}.${EXT}" "${archive_name}"
     cd ../../..
-    cp "${TMP_DIR}/${archive_name}-${SUFFIX}.${EXT}" "${OUTPUT}/dist/"
+    cp "${TMP_DIR}/${archive_name}-${SUFFIX}.${EXT}" "${OUTPUT}/dist/$ARTIFACT_PACKAGE_NAME"
 
     clean
 }
@@ -246,6 +273,7 @@ function assemble_rpm() {
     local src_path="./usr/share/wazuh-indexer"
     PATH_CONF="./etc/wazuh-indexer"
     PATH_BIN="${src_path}/bin"
+    PATH_PLUGINS="${src_path}/plugins"
 
     # Extract min-package. Creates usr/, etc/ and var/ in the current directory
     echo "Extract ${ARTIFACT_BUILD_NAME} archive"
@@ -257,6 +285,8 @@ function assemble_rpm() {
     # Swap configuration files
     add_configuration_files
 
+		remove_unneeded_files
+
     # Generate final package
     local topdir
     local version
@@ -272,8 +302,10 @@ function assemble_rpm() {
 
     # Move to the root folder, copy the package and clean.
     cd ../../..
+
     package_name="wazuh-indexer-${version}-1.${SUFFIX}.${EXT}"
-    cp "${TMP_DIR}/RPMS/${SUFFIX}/${package_name}" "${OUTPUT}/dist/"
+
+    cp "${TMP_DIR}/RPMS/${SUFFIX}/${package_name}" "${OUTPUT}/dist/$ARTIFACT_PACKAGE_NAME"
 
     clean
 }
@@ -293,6 +325,7 @@ function assemble_deb() {
     local src_path="./usr/share/wazuh-indexer"
     PATH_CONF="./etc/wazuh-indexer"
     PATH_BIN="${src_path}/bin"
+    PATH_PLUGINS="${src_path}/plugins"
 
     # Extract min-package. Creates usr/, etc/ and var/ in the current directory
     echo "Extract ${ARTIFACT_BUILD_NAME} archive"
@@ -305,6 +338,8 @@ function assemble_deb() {
     # Swap configuration files
     add_configuration_files
 
+		remove_unneeded_files
+
     # Generate final package
     local version
     version=$(cat ./usr/share/wazuh-indexer/VERSION)
@@ -319,9 +354,9 @@ function assemble_deb() {
 
     # Move to the root folder, copy the package and clean.
     cd ../../..
-    package_name="wazuh-indexer_${version}_${SUFFIX}.${EXT}"
+		package_name="wazuh-indexer_${version}_${SUFFIX}.${EXT}"
     # debmake creates the package one level above
-    cp "${TMP_DIR}/../${package_name}" "${OUTPUT}/dist/"
+    cp "${TMP_DIR}/../${package_name}" "${OUTPUT}/dist/$ARTIFACT_PACKAGE_NAME"
 
     clean
 }
@@ -333,8 +368,12 @@ function main() {
     parse_args "${@}"
 
     echo "Assembling wazuh-indexer for $PLATFORM-$DISTRIBUTION-$ARCHITECTURE"
-    # wazuh-indexer-min_4.9.0-1-x64_78fcc3db6a5b470294319e48b58c3d715bee39d1.rpm
-    ARTIFACT_BUILD_NAME=$(ls "${OUTPUT}/dist/" | grep "wazuh-indexer-min.*.$EXT")
+
+    ARTIFACT_BUILD_NAME=$(ls "${OUTPUT}/dist/" | grep "wazuh-indexer-min_.*$SUFFIX.*\.$EXT")
+
+		ARTIFACT_PACKAGE_NAME=${ARTIFACT_BUILD_NAME/min_/}
+
+
 
     # Create temporal directory and copy the min package there for extraction
     TMP_DIR="${OUTPUT}/tmp/${TARGET}"

diff --git a/scripts/build.sh b/scripts/build.sh
@@ -19,11 +19,12 @@ function usage() {
     echo -e "-p PLATFORM\t[Optional] Platform, default is 'uname -s'."
     echo -e "-a ARCHITECTURE\t[Optional] Build architecture, default is 'uname -m'."
     echo -e "-d DISTRIBUTION\t[Optional] Distribution, default is 'tar'."
+    echo -e "-d REVISION\t[Optional] Package revision, default is '1'."
     echo -e "-o OUTPUT\t[Optional] Output path, default is 'artifacts'."
     echo -e "-h help"
 }
 
-while getopts ":h:v:q:s:o:p:a:d:" arg; do
+while getopts ":h:v:q:s:o:p:a:d:r:" arg; do
     case $arg in
         h)
             usage
@@ -50,6 +51,9 @@ while getopts ":h:v:q:s:o:p:a:d:" arg; do
         d)
             DISTRIBUTION=$OPTARG
             ;;
+        r)
+            REVISION=$OPTARG
+            ;;
         :)
             echo "Error: -${OPTARG} requires an argument"
             usage
@@ -91,6 +95,7 @@ cp -r ./build/local-test-repo/org/opensearch "${OUTPUT}"/maven/org
 [ -z "$PLATFORM" ] && PLATFORM=$(uname -s | awk '{print tolower($0)}')
 [ -z "$ARCHITECTURE" ] && ARCHITECTURE=$(uname -m)
 [ -z "$DISTRIBUTION" ] && DISTRIBUTION="tar"
+[ -z "$REVISION" ] && REVISION="1"
 
 case $PLATFORM-$DISTRIBUTION-$ARCHITECTURE in
     linux-tar-x64|darwin-tar-x64)
@@ -162,8 +167,20 @@ echo "Building OpenSearch for $PLATFORM-$DISTRIBUTION-$ARCHITECTURE"
 # Copy artifact to dist folder in bundle build output
 echo "Copying artifact to ${OUTPUT}/dist"
 # [[ "$SNAPSHOT" == "true" ]] && IDENTIFIER="-SNAPSHOT"
+
+
 ARTIFACT_BUILD_NAME=$(ls "distribution/$TYPE/$TARGET/build/distributions/" | grep "wazuh-indexer-min.*$SUFFIX.$EXT")
+
+GIT_COMMIT=$(git rev-parse --short HEAD)
+
+WI_VERSION=$(<VERSION)
+
+
+ARTIFACT_PACKAGE_NAME=wazuh-indexer-min_"$WI_VERSION"-"$REVISION"_"$SUFFIX"_"$GIT_COMMIT"."$EXT"
+
 # [WAZUH] Used by the GH workflow to upload the artifact
-echo "$ARTIFACT_BUILD_NAME" > "$OUTPUT/artifact_name.txt"
+
+echo "$ARTIFACT_PACKAGE_NAME" > "$OUTPUT/artifact_min_name.txt"
+
 mkdir -p "${OUTPUT}/dist"
-cp "distribution/$TYPE/$TARGET/build/distributions/$ARTIFACT_BUILD_NAME" "${OUTPUT}/dist/$ARTIFACT_BUILD_NAME"
+cp "distribution/$TYPE/$TARGET/build/distributions/$ARTIFACT_BUILD_NAME" "${OUTPUT}/dist/$ARTIFACT_PACKAGE_NAME"