Skip to content

Build packages (on demand) [ 'deb' ] wazuh-indexer on amd64 | enhancement/wj6371-add-workflow-s3uri-output_2024-06-04_20-06-10-742 #129

Build packages (on demand) [ 'deb' ] wazuh-indexer on amd64 | enhancement/wj6371-add-workflow-s3uri-output_2024-06-04_20-06-10-742

Build packages (on demand) [ 'deb' ] wazuh-indexer on amd64 | enhancement/wj6371-add-workflow-s3uri-output_2024-06-04_20-06-10-742 #129

Workflow file for this run

run-name: Build packages (on demand) ${{ inputs.distribution }} wazuh-indexer on ${{ inputs.architecture }} | ${{ inputs.id }}
# This workflow runs when any of the following occur:
# - Run manually
# - Invoked from another workflow
on:
workflow_dispatch:
inputs:
revision:
description: "Revision"
type: string
default: "0"
upload:
description: "Upload ?"
type: boolean
default: false
is_stage:
description: "Is stage ?"
type: boolean
default: false
distribution:
description: '[ "tar", "rpm", "deb" ]'
type: string
default: '[ "rpm", "deb" ]'
architecture:
description: '[ "x64", "arm64" ]'
type: string
default: '[ "x64" ]'
checksum:
description: "Checksum ?"
type: boolean
default: false
id:
type: string
required: false
workflow_call:
inputs:
revision:
description: "Revision"
type: string
default: "0"
upload:
description: "Upload ?"
type: boolean
default: false
is_stage:
description: "Is stage ?"
type: boolean
default: false
distribution:
description: '[ "tar", "rpm", "deb" ]'
type: string
default: '[ "rpm", "deb" ]'
architecture:
description: '[ "x64", "arm64" ]'
type: string
default: '[ "x64" ]'
checksum:
description: "Checksum ?"
type: boolean
default: false
id:
type: string
required: false
secrets:
CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY:
required: true
description: "AWS user access key"
CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY:
required: true
description: "AWS user secret key"
# ==========================
# Bibliography
# ==========================
#
# * Reusable workflows: limitations
# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
# * Using matrix in reusable workflows:
# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-a-matrix-strategy-with-a-reusable-workflow
# * Reading input from the called workflow
# | https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs
# * Ternary operator
# | https://docs.github.com/en/actions/learn-github-actions/expressions#example
jobs:
matrix:
name: Set up matrix
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.setup.outputs.matrix }}
steps:
- id: setup
run: |
matrix=$(jq -cn \
--argjson distribution '${{ inputs.distribution }}' \
--argjson architecture '${{ inputs.architecture }}' \
'{distribution: $distribution, architecture: $architecture}'
)
echo "matrix=$matrix" >> $GITHUB_OUTPUT
build:
needs: [matrix]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.matrix.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 11
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Provision
if: ${{ matrix.distribution == 'deb' }}
run: |
sudo bash packaging_scripts/provision.sh
- name: Run `baptizer.sh` (min)
run: |
name=$(bash packaging_scripts/baptizer.sh -m \
-a ${{ matrix.architecture }} \
-d ${{ matrix.distribution }} \
-r ${{ inputs.revision }} \
${{ inputs.is_stage && '-x' || '' }} \
)
echo "name=$name" >> $GITHUB_OUTPUT
id: min_package
- name: Run `baptizer.sh`
run: |
name=$(bash packaging_scripts/baptizer.sh \
-a ${{ matrix.architecture }} \
-d ${{ matrix.distribution }} \
-r ${{ inputs.revision }} \
${{ inputs.is_stage && '-x' || '' }} \
)
echo "name=$name" >> $GITHUB_OUTPUT
id: package
- name: Run `build.sh`
run: |
bash packaging_scripts/build.sh \
-a ${{ matrix.architecture }} \
-d ${{ matrix.distribution }} \
-n ${{ steps.min_package.outputs.name }}
- name: Run `assemble.sh`
run: |
bash packaging_scripts/assemble.sh \
-a ${{ matrix.architecture }} \
-d ${{ matrix.distribution }} \
-r ${{ inputs.revision }}
- name: Test RPM package
if: ${{ matrix.distribution == 'rpm' }}
uses: addnab/docker-run-action@v3
with:
image: redhat/ubi9:latest
options: -v ${{ github.workspace }}/artifacts/dist:/artifacts/dist
run: |
yum localinstall "/artifacts/dist/${{ steps.package.outputs.name }}" -y
- name: Test DEB package
if: ${{ matrix.distribution == 'deb' }}
run: |
sudo dpkg -i "artifacts/dist/${{ steps.package.outputs.name }}"
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: ${{ steps.package.outputs.name }}
path: artifacts/dist/${{ steps.package.outputs.name }}
if-no-files-found: error
- name: Set up AWS CLI
if: ${{ inputs.upload }}
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY }}
aws-region: ${{ secrets.CI_AWS_REGION }}
- name: Upload package to S3
if: ${{ inputs.upload }}
run: |
src="artifacts/dist/${{ steps.package.outputs.name }}"
dest="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/"
aws s3 cp "$src" "$dest"
s3uri="${dest}${{ steps.package.outputs.name }}"
echo "S3 URI: ${s3uri}"
- name: Upload checksum to S3
if: ${{ inputs.upload && inputs.checksum }}
run: |
src="artifacts/dist/${{ steps.package.outputs.name }}.sha512"
dest="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/"
aws s3 cp "$src" "$dest"
s3uri="${dest}${{ steps.package.outputs.name }}.sha512"
echo "S3 sha512 URI: ${s3uri}"