diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b49ebd1fd0565..aecdbfa003fe2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,12 +12,23 @@ on: revision: description: "Revision" type: string - required: true default: "0" upload: description: "Upload ?" type: bool default: false + is_release: + description: "Upload ?" + type: bool + default: false + distribution: + description: "[ 'tar', 'rpm', 'deb', 'docker' ]" + type: string + default: "[ 'rpm', 'deb' ]" + architecture: + description: "[ 'x64', 'arm64' ]" + type: string + default: "[ 'x64' ]" # ========================== # Bibliography 
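Review bot: The new `is_release` input carries the description `"Upload ?"` copied from `upload` and declares `type: bool`; the input type GitHub Actions documents is `boolean`, so `type: boolean` with a description such as `"Use release nomenclature for package names"` is probably what is meant. The same `type: bool` is added in r_assemble.yml, r_build.yml, r_build_min.yml, r_test.yml and r_upload.yml. The `distribution` and `architecture` defaults are list literals written with single quotes (`"[ 'rpm', 'deb' ]"`), which is not valid JSON; if they are meant to feed a matrix, `default: '["rpm", "deb"]'` is the parseable form. The `on:` block starts above this hunk, so the trigger these inputs belong to is not visible here.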
@@ -33,58 +44,19 @@ on: # | https://docs.github.com/en/actions/learn-github-actions/expressions#example jobs: - version: - uses: ./.github/workflows/r_version.yml - - commit_sha: - uses: ./.github/workflows/r_commit_sha.yml - build: - needs: [version, commit_sha] - strategy: - matrix: - distribution: [tar, rpm, deb] - architecture: [x64, arm64] - uses: ./.github/workflows/r_build.yml - with: - architecture: ${{ matrix.architecture }} - distribution: ${{ matrix.distribution }} - revision: ${{ github.event_name == 'push' && '0' || inputs.revision }} - name: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '0' || inputs.revision }}-${{ matrix.architecture }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.distribution }} - - assemble: - needs: [version, commit_sha, build] strategy: matrix: - distribution: [tar, rpm, deb] - architecture: [x64, arm64] + distribution: ${{ inputs.distribution }} + architecture: ${{ inputs.architecture }} exclude: # skip arm64 until we have arm runners - architecture: arm64 - - distribution: tar - - uses: ./.github/workflows/r_assemble.yml + fail-fast: false + uses: ./.github/workflows/r_build.yml with: - architecture: ${{ matrix.architecture }} - distribution: ${{ matrix.distribution }} revision: ${{ github.event_name == 'push' && '0' || inputs.revision }} - min: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '0' || inputs.revision }}-${{ matrix.architecture }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.distribution }} - - test: - needs: [version, commit_sha, assemble] - strategy: - fail-fast: false - matrix: - os: [{ suffix: "amd64", ext: "deb" }, { suffix: "x86_64", ext: "rpm" }] - uses: ./.github/workflows/r_test.yml - with: - package: wazuh-indexer-${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '0' || inputs.revision }}_${{ matrix.os.suffix }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.os.ext }} - - 
upload: - needs: [version, commit_sha, test] - # Upload only on 'workflow_dispatch' event and if 'upload=true' - if: ${{ github.event_name == 'push' && inputs.upload }} - uses: ./.github/workflows/r_upload.yml - with: - package: wazuh-indexer-${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '0' || inputs.revision }}_${{ matrix.os.suffix }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.os.ext }} - secrets: inherit + upload: ${{ inputs.upload }} + is_release: ${{ inputs.is_release }} + distribution: ${{ matrix.distribution }} + architecture: ${{ matrix.architecture }} diff --git a/.github/workflows/r_assemble.yml b/.github/workflows/r_assemble.yml index 597ecbee251d5..2ef06f01774f8 100644 --- a/.github/workflows/r_assemble.yml +++ b/.github/workflows/r_assemble.yml @@ -1,32 +1,26 @@ name: Assemble (reusable) -env: - TEST: true - # This workflow runs when any of the following occur: # - Run from another workflow on: workflow_call: inputs: - distribution: - description: "One of [ 'tar', 'rpm', 'deb' ]" - default: "rpm" - required: true - type: string - architecture: - description: "One of [ 'x64', 'arm64' ]" - default: "x64" - required: true - type: string revision: - description: "Any string or number used to extend the package's identifier." + description: "Revision number" type: string - required: true default: "0" - min: - description: "The name of the package to download." + is_release: + description: "Uses release's nomenclature" + type: bool + default: false + distribution: + description: One of "[ 'tar', 'rpm', 'deb', 'docker' ]" + type: string required: true + architecture: + description: One of "[ 'x64', 'arm64' ]" type: string + required: true jobs: r_assemble: 
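Review bot: `matrix.distribution` and `matrix.architecture` are assigned `${{ inputs.distribution }}` and `${{ inputs.architecture }}`, which are strings, while a matrix dimension has to be a sequence; the usual form is `distribution: ${{ fromJSON(inputs.distribution) }}` with a JSON-valid default. The `revision` line still special-cases `github.event_name == 'push'`, which suggests the workflow also runs on push, where `inputs` is empty, so a fallback such as `fromJSON(inputs.distribution || '["rpm", "deb"]')` would be needed there. The call to r_build.yml also passes no `secrets:` in the lines shown, while the upload workflow nested beneath it marks its bucket credentials as required; passing just those secrets explicitly would restore the upload without handing over everything the repository holds.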
@@ -37,30 +31,49 @@ jobs: contents: read steps: - uses: actions/checkout@v4 - - name: Download artifact - uses: actions/download-artifact@v4 - with: - name: ${{ inputs.min }} - path: artifacts/dist + + - name: Run `baptizer.sh` (min) + run: | + name=$(bash scripts/baptizer.sh -m \ + ${{ inputs.is_release && '-x' }} \ + -a ${{ inputs.architecture }} \ + -d ${{ inputs.distribution }} \ + -r ${{ inputs.revision }} \ + ) + echo "$name" >> $GITHUB_OUTPUT + id: min_package + + - name: Run `baptizer.sh` + run: | + name=$(bash scripts/baptizer.sh \ + ${{ inputs.is_release && '-x' }} \ + -a ${{ inputs.architecture }} \ + -d ${{ inputs.distribution }} \ + -r ${{ inputs.revision }} \ + ) + echo "$name" >> $GITHUB_OUTPUT + id: package - name: Provision if: ${{ inputs.distribution == 'deb' }} run: | sudo bash scripts/provision.sh - - name: Run `assemble.sh` - run: | - bash scripts/assemble.sh -a ${{ inputs.architecture }} -d ${{ inputs.distribution }} -r ${{ inputs.revision }} + - name: Download artifact + uses: actions/download-artifact@v4 + with: + name: ${{ steps.min_package.outputs.name }} + path: artifacts/dist - # The package's name is stored in artifacts/artifact_name.txt. - - name: Set package name - id: get_name - run: | - echo "name=$(cat artifacts/artifact_name.txt)" >> $GITHUB_OUTPUT + - name: Run `assemble.sh` + mkdir -p ./artifacts/dist + touch ./artifacts/dist/${{ steps.package.outputs.name }} + # run: | + # bash scripts/assemble.sh -a ${{ inputs.architecture }} -d ${{ inputs.distribution }} -r ${{ inputs.revision }} - name: Upload artifact uses: actions/upload-artifact@v4 with: - name: ${{ steps.get_name.outputs.name }} - path: artifacts/dist/${{ steps.get_name.outputs.name }} + name: ${{ steps.package.outputs.name }} + path: artifacts/dist/${{ steps.package.outputs.name }} if-no-files-found: error diff --git a/.github/workflows/r_build.yml b/.github/workflows/r_build.yml index 0b1778a4637cc..65fb89a446853 100644 --- a/.github/workflows/r_build.yml 
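Review bot: The two `baptizer.sh` steps expand `${{ inputs.architecture }}`, `${{ inputs.distribution }}` and `${{ inputs.revision }}` straight into the `run:` script, so the values are parsed as shell text rather than passed as arguments; handing them over through `env:` and quoting the variables keeps them as data. In the same steps, `echo "$name" >> $GITHUB_OUTPUT` writes no `name=` key, so `steps.min_package.outputs.name` and `steps.package.outputs.name` are never set, and `${{ inputs.is_release && '-x' }}` renders the literal `false` when the input is false. The copies of this step in r_build_min.yml, r_test.yml and r_upload.yml need the same change. Separately, the new step named "Run assemble.sh" has its `mkdir`/`touch` lines directly under `name:` with no `run: |` key, so it will not parse as a step.

```yaml
      - name: Run `baptizer.sh` (min)
        id: min_package
        env:
          ARCHITECTURE: ${{ inputs.architecture }}
          DISTRIBUTION: ${{ inputs.distribution }}
          REVISION: ${{ inputs.revision }}
          # empty string instead of the literal "false" when not a release
          RELEASE_FLAG: ${{ inputs.is_release && '-x' || '' }}
        run: |
          # RELEASE_FLAG is left unquoted so an empty value adds no argument
          name=$(bash scripts/baptizer.sh -m $RELEASE_FLAG \
            -a "$ARCHITECTURE" -d "$DISTRIBUTION" -r "$REVISION")
          echo "name=$name" >> "$GITHUB_OUTPUT"
      # … the second `baptizer.sh` step (id: package) takes the same shape, without -m …
```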
+++ b/.github/workflows/r_build.yml 
@@ -1,60 +1,61 @@ -name: Build (reusable) +name: Build pipeline (reusable) # This workflow runs when any of the following occur: # - Run from another workflow on: workflow_call: inputs: - distribution: - description: "One of [ 'tar', 'rpm', 'deb' ]" - default: "rpm" - required: true - type: string - architecture: - description: "One of [ 'x64', 'arm64' ]" - default: "x64" - required: true - type: string revision: - description: "Any string or number used to extend the package's identifier." + description: "Revision number" type: string - required: true default: "0" - name: - description: "The name of the package to upload." + upload: + description: "Uploads artifacts" + type: bool + default: false + is_release: + description: "Uses release's nomenclature" + type: bool + default: false + distribution: + description: One of "[ 'tar', 'rpm', 'deb', 'docker' ]" + type: string required: true + architecture: + description: One of "[ 'x64', 'arm64' ]" type: string + required: true jobs: - r_build: - runs-on: ubuntu-latest - # Permissions to upload the package - permissions: - packages: write - contents: read - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 11 - - - name: Setup Gradle - uses: gradle/actions/setup-gradle@v3 + build_min: + uses: ./.github/workflows/r_build_min.yml + with: + revision: ${{ inputs.revision }} + distribution: ${{ matrix.distribution }} + architecture: ${{ matrix.architecture }} - - name: Run `build.sh` - run: | - bash scripts/build.sh -a ${{ inputs.architecture }} -d ${{ inputs.distribution }} -r ${{ inputs.revision }} + assemble: + needs: [build] + uses: ./.github/workflows/r_assemble.yml + with: + revision: ${{ inputs.revision }} + distribution: ${{ matrix.distribution }} + architecture: ${{ matrix.architecture }} - # The package's name is stored in artifacts/artifact_min_name.txt. 
- - name: Set package name - id: get_name - run: | - echo "name=$(cat artifacts/artifact_min_name.txt)" >> $GITHUB_OUTPUT + test: + needs: [assemble] + uses: ./.github/workflows/r_test.yml + with: + revision: ${{ inputs.revision }} + distribution: ${{ matrix.distribution }} + architecture: ${{ matrix.architecture }} - - name: Upload artifact - uses: actions/upload-artifact@v4 - with: - name: ${{ inputs.name }} - path: artifacts/dist/${{ steps.get_name.outputs.name }} - if-no-files-found: error + upload: + if: ${{ inputs.upload }} + needs: [test] + uses: ./.github/workflows/r_upload.yml + with: + revision: ${{ inputs.revision }} + distribution: ${{ matrix.distribution }} + architecture: ${{ matrix.architecture }} + secrets: inherit diff --git a/.github/workflows/r_build_min.yml b/.github/workflows/r_build_min.yml new file mode 100644 index 0000000000000..75b90cc312ae6 --- /dev/null +++ b/.github/workflows/r_build_min.yml 
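Review bot: Every `with:` block in the new jobs reads `${{ matrix.distribution }}` and `${{ matrix.architecture }}`, but no job in this file declares a `strategy`, so the `matrix` context is empty here; the values arrive as workflow inputs and should be forwarded as `distribution: ${{ inputs.distribution }}` and `architecture: ${{ inputs.architecture }}`. `assemble` declares `needs: [build]` while the job is named `build_min`, so the dependency does not resolve; `needs: [build_min]` is presumably intended. `is_release` is accepted as an input but never passed on, so the called workflows fall back to their default `false`. `secrets: inherit` on `upload` forwards every secret the caller provides; r_upload.yml declares the secrets it needs, so naming them explicitly would narrow what reaches that job.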
@@ -0,0 +1,65 @@ +name: Build minimal packages (reusable) + +# This workflow runs when any of the following occur: +# - Run from another workflow +on: + workflow_call: + inputs: + revision: + description: "Revision number" + type: string + default: "0" + is_release: + description: "Uses release's nomenclature" + type: bool + default: false + distribution: + description: One of "[ 'tar', 'rpm', 'deb', 'docker' ]" + type: string + required: true + architecture: + description: One of "[ 'x64', 'arm64' ]" + type: string + required: true + +jobs: + r_build_min: + runs-on: ubuntu-latest + # Permissions to upload the package + permissions: + packages: write + contents: read + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: 11 + + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v3 + + - name: Run `baptizer.sh` + run: | + name=$(bash scripts/baptizer.sh -m \ + ${{ inputs.is_release && '-x' }} \ + -a ${{ inputs.architecture }} \ + -d ${{ inputs.distribution }} \ + -r ${{ inputs.revision }} \ + ) + echo "$name" >> $GITHUB_OUTPUT + id: package + + - name: Run `build.sh` + run: | + mkdir -p ./artifacts/dist + touch ./artifacts/dist/${{ steps.package.outputs.name }} + # run: | + # bash scripts/build.sh -a ${{ inputs.architecture }} -d ${{ inputs.distribution }} -r ${{ inputs.revision }} + + - name: Upload artifact + uses: actions/upload-artifact@v4 + with: + name: ${{ steps.package.outputs.name }} + path: artifacts/dist/${{ steps.package.outputs.name }} + if-no-files-found: error diff --git a/.github/workflows/r_test.yml b/.github/workflows/r_test.yml index fa9cd819ac8fe..a201b16562950 100644 --- a/.github/workflows/r_test.yml +++ b/.github/workflows/r_test.yml 
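Review bot: The job requests `packages: write`, but the visible steps only publish a workflow artifact through `actions/upload-artifact`, which as far as I know does not use that scope; `permissions:` could be reduced to `contents: read` unless something not shown pushes to GitHub Packages. `gradle/actions/setup-gradle@v3` and the other actions are referenced by mutable tag; pinning third-party actions to a full commit SHA (`uses: gradle/actions/setup-gradle@<full-commit-sha> # v3`) is the usual hardening for a build job. The "Run build.sh" step only creates an empty file with `touch` and leaves the real build commented out, so the uploaded artifact is a placeholder; a `# TODO: restore build.sh before merge` comment above the step would make that explicit.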
@@ -5,16 +5,44 @@ name: Test (reusable) on: workflow_call: inputs: - package: - description: "The name of the package to download." + revision: + description: "Revision number" + type: string + default: "0" + is_release: + description: "Uses release's nomenclature" + type: bool + default: false + distribution: + description: One of "[ 'tar', 'rpm', 'deb', 'docker' ]" + type: string required: true + architecture: + description: One of "[ 'x64', 'arm64' ]" type: string + required: true jobs: + setup: + runs-on: ubuntu-latest + - uses: actions/checkout@v4 + - name: Run `baptizer.sh` (min) + run: | + name=$(bash scripts/baptizer.sh \ + ${{ inputs.is_release && '-x' }} \ + -a ${{ inputs.architecture }} \ + -d ${{ inputs.distribution }} \ + -r ${{ inputs.revision }} \ + ) + echo "$name" >> $GITHUB_OUTPUT + id: package + outputs: + package_name: ${{ steps.package.outputs.name }} + r_test_rpm: - if: ${{ endsWith(inputs.package, 'rpm') }} + if: ${{ inputs.distribution == 'rpm' }} runs-on: ubuntu-latest - # Permissions to upload the package + # Permissions to download the package permissions: packages: read contents: read @@ -22,7 +50,7 @@ jobs: - name: Download artifact uses: actions/download-artifact@v4 with: - name: ${{ inputs.package }} + name: ${{ needs.setup.outputs.package_name }} path: artifacts/dist - name: Install package @@ -31,12 +59,12 @@ jobs: image: redhat/ubi9:latest options: -v ${{ github.workspace }}/artifacts/dist:/artifacts/dist run: | - yum localinstall "/artifacts/dist/${{ inputs.package }}" -y + yum localinstall "/artifacts/dist/${{ needs.setup.outputs.package_name }}" -y r_test_deb: - if: ${{ endsWith(inputs.package, 'deb') }} + if: ${{ inputs.distribution == 'deb' }} runs-on: ubuntu-latest - # Permissions to upload the package + # Permissions to download the package permissions: packages: read contents: read 
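Review bot: The new `setup` job lists `- uses: actions/checkout@v4` and the `baptizer.sh` step directly after `runs-on:` with no `steps:` key, and its `outputs:` block follows the step's `id:`; as written the job will not parse. The two later hunks on this file read `needs.setup.outputs.package_name` in `r_test_rpm` and `r_test_deb`, but neither job gains a `needs: setup` line in the visible changes, and without it that context is empty. The step is labelled `(min)` although it calls `baptizer.sh` without `-m`, so the suffix should be dropped from the name. Unlike the test jobs, `setup` has no `permissions:` block; one granting only `contents: read` would match them.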
@@ -44,12 +72,12 @@ jobs: - name: Download artifact uses: actions/download-artifact@v4 with: - name: ${{ inputs.package }} + name: ${{ needs.setup.outputs.package_name }} path: artifacts/dist - name: Install package run: | - sudo dpkg -i "artifacts/dist/${{ inputs.package }}" + sudo dpkg -i "artifacts/dist/${{ needs.setup.outputs.package_name }}" - uses: actions/checkout@v4 - name: Generate and deploy certificates diff --git a/.github/workflows/r_upload.yml b/.github/workflows/r_upload.yml index 05a08e40394c4..c27af0c60e4ba 100644 --- a/.github/workflows/r_upload.yml +++ b/.github/workflows/r_upload.yml @@ -4,11 +4,22 @@ name: Upload (reusable) # - Run from another workflow on: workflow_call: - inputs: - package: - description: "The name of the package to upload to Wazuh's S3 development artifactory bucket." - required: true - type: string + revision: + description: "Revision number" + type: string + default: "0" + is_release: + description: "Uses release's nomenclature" + type: bool + default: false + distribution: + description: One of "[ 'tar', 'rpm', 'deb', 'docker' ]" + type: string + required: true + architecture: + description: One of "[ 'x64', 'arm64' ]" + type: string + required: true secrets: CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY: required: true @@ -23,10 +34,22 @@ jobs: packages: read contents: read steps: + - uses: actions/checkout@v4 + - name: Run `baptizer.sh` + run: | + name=$(bash scripts/baptizer.sh \ + ${{ inputs.is_release && '-x' }} \ + -a ${{ inputs.architecture }} \ + -d ${{ inputs.distribution }} \ + -r ${{ inputs.revision }} \ + ) + echo "$name" >> $GITHUB_OUTPUT + id: package + - name: Download artifact uses: actions/download-artifact@v4 with: - name: ${{ inputs.package }} + name: ${{ steps.package.outputs.name }} path: artifacts/dist - name: Set up AWS CLI 
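Review bot: The `inputs:` line is removed together with the old `package` input and not re-added, so `revision`, `is_release`, `distribution` and `architecture` now sit directly under `workflow_call:` beside `secrets:`. They need to stay under an `inputs:` key for the `inputs.*` references in the job below to resolve; restoring `inputs:` above `revision:` and nesting the four entries beneath it is the whole fix.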
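Review bot: This job holds the S3 bucket credentials, and the change makes it check out the repository and run `scripts/baptizer.sh` with caller-supplied values before the upload, where previously it only downloaded a named artifact (the job header and the AWS setup step lie outside this hunk). Keeping repository code out of the credentialed job is the safer layout: compute the name in an upstream job and pass it in as an input, or at least add `persist-credentials: false` to the checkout and pass the inputs through `env:`. The final hunk's `aws s3 cp artifacts/dist/${{ steps.package.outputs.name }}` should likewise take the name from a quoted environment variable, e.g. `aws s3 cp "artifacts/dist/$PACKAGE_NAME"` followed by the existing destination.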
@@ -38,4 +61,4 @@ jobs: - name: Upload package to S3 run: | - aws s3 cp artifacts/dist/${{ inputs.package }} s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/ + aws s3 cp artifacts/dist/${{ steps.package.outputs.name }} s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/