Update builder Dockerfile entrypoint script

Make Docker image more lightweight

Add output messages for build process

docker/builder/Dockerfile

@@ -7,12 +7,11 @@ ENV DEBIAN_FRONTEND=noninteractive
 # Update the package list and install necessary tools
 RUN apt-get update \
     && apt-get upgrade -y \
-    && apt-get install curl gnupg2 -y \
-    && curl -o- https://www.aptly.info/pubkey.txt | apt-key add - \
-    && echo "deb http://repo.aptly.info/ squeeze main" | tee -a /etc/apt/sources.list.d/aptly.list \
     && apt-get install -y \
         wget \
+        curl \
         unzip \
+        gnupg2 \
         git \
         build-essential \
         debmake \
@@ -43,45 +42,16 @@ RUN apt-get update \
         rpm \
         rpm2cpio \
         maven \
-    && dpkg -r lintian \
-    && rm -rf /var/lib/apt/lists/*
-
-# Define build arguments with default values
-ARG indexer_branch=master
-ARG indexer_plugins_branch=master
-ARG indexer_reporting_branch=master
-ARG revision=0
-ARG is_stage=false
-ARG distribution=tar
-ARG architecture=x64
-
-# Use build arguments as environment variables in the container
-ENV INDEXER_BRANCH=${indexer_branch} \
-    INDEXER_PLUGINS_BRANCH=${indexer_plugins_branch} \
-    INDEXER_REPORTING_BRANCH=${indexer_reporting_branch} \
-    REVISION=${revision} \
-    IS_STAGE=${is_stage} \
-    DISTRIBUTION=${distribution} \
-    ARCHITECTURE=${architecture}
-
-RUN mkdir -p /artifacts/dist/
-
-VOLUME /artifacts/dist/
-
-# Clone the repositories using the specified branches
-RUN git clone --branch ${INDEXER_BRANCH} https://github.com/wazuh/wazuh-indexer --depth 1 /opt/wazuh-indexer && \
-    git clone --branch ${INDEXER_PLUGINS_BRANCH} https://github.com/wazuh/wazuh-indexer-plugins --depth 1 /opt/wazuh-indexer-plugins && \
-    git clone --branch ${INDEXER_REPORTING_BRANCH} https://github.com/wazuh/wazuh-indexer-reporting --depth 1 /opt/wazuh-indexer-reporting
+    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
 # Install OpenJDK 21
 RUN wget -O- https://download.java.net/openjdk/jdk21/ri/openjdk-21+35_linux-x64_bin.tar.gz | tar xz -C /opt/
 
 # Set JAVA_HOME environment variable
 ENV JAVA_HOME=/opt/jdk-21
 ENV PATH=$JAVA_HOME/bin:$PATH
-
-# Install Gradle 8.10
 ENV GRADLE_VERSION=8.10
+ENV GRADLE_OPTS="-Xmx2048m -XX:ReservedCodeCacheSize=440m"
 
 RUN wget https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip -P /tmp \
     && unzip -d /opt/gradle /tmp/gradle-${GRADLE_VERSION}-bin.zip \
@@ -91,68 +61,27 @@ RUN wget https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.
 ENV GRADLE_HOME=/opt/gradle/gradle-${GRADLE_VERSION}
 ENV PATH=$GRADLE_HOME/bin/$PATH
 
-# Create the artifacts directory
-RUN mkdir -p /opt/wazuh-indexer/artifacts/plugins
-
 # Clean up APT when done
 RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
-# Create a non-root user and set up permissions
-RUN useradd -ms /bin/bash opensearchuser && \
-    mkdir -p /home/opensearchuser && \
-    chown -R opensearchuser:opensearchuser /opt/wazuh-indexer-plugins && \
-    chown -R opensearchuser:opensearchuser /opt/wazuh-indexer-reporting && \
-    chown -R opensearchuser:opensearchuser /opt/wazuh-indexer
+# Create volume dir
+RUN mkdir -p /artifacts
+VOLUME /artifacts
 
-USER opensearchuser
+# Create a non-root user and set up permissions
+RUN useradd -ms /bin/bash indexer && mkdir -p /home/indexer && chown -R indexer:indexer /home/indexer
 
-# ---PACKAGE-BUILDING---
+# Copy your build scripts into the container as root
+ADD entrypoint.sh /home/indexer/
 
-# Build plugins
-RUN export VERSION=$(cat /opt/wazuh-indexer/VERSION) && \
-    cd /opt/wazuh-indexer-plugins/plugins/setup && \
-    ./gradlew build -Dversion=${VERSION} -Drevision=${REVISION} && \
-    cd /opt/wazuh-indexer-plugins/plugins/command-manager && \
-    ./gradlew build -Dversion=${VERSION} -Drevision=${REVISION} && \
-    cd /opt/wazuh-indexer-reporting && \
-    ./gradlew build -Dversion=${VERSION} -Drevision=${REVISION} && \
-    # Copy the built packages
-    cp /opt/wazuh-indexer-plugins/plugins/setup/build/distributions/wazuh-indexer-setup-${VERSION}.${REVISION}.zip /opt/wazuh-indexer/artifacts/plugins/ && \
-    cp /opt/wazuh-indexer-plugins/plugins/command-manager/build/distributions/wazuh-indexer-command-manager-${VERSION}.${REVISION}.zip /opt/wazuh-indexer/artifacts/plugins/ && \
-    cp /opt/wazuh-indexer-reporting/build/distributions/wazuh-indexer-reports-scheduler-${VERSION}.${REVISION}.zip /opt/wazuh-indexer/artifacts/plugins/
+# Change file permissions as root
+RUN chmod +x /home/indexer/entrypoint.sh
 
-USER root
+# Switch to non-root user
+USER indexer
 
-# Configure Git to trust the repositories' directories
-RUN git config --global --add safe.directory /opt/wazuh-indexer-plugins && \
-    git config --global --add safe.directory /opt/wazuh-indexer-reporting && \
-    git config --global --add safe.directory /opt/wazuh-indexer
+# Set the working directory
+WORKDIR /home/indexer
 
-# Combined RUN command
-RUN cd /opt/wazuh-indexer-plugins && PLUGINS_HASH=$(git rev-parse --short HEAD) && \
-    cd /opt/wazuh-indexer-reporting && REPORTING_HASH=$(git rev-parse --short HEAD) && \
-    cd /opt/wazuh-indexer && \
-    PACKAGE_MIN_NAME=$(bash build-scripts/baptizer.sh -m \
-        -a ${ARCHITECTURE} \
-        -d ${DISTRIBUTION} \
-        -r ${REVISION} \
-        -l ${PLUGINS_HASH} \
-        -e ${REPORTING_HASH} \
-        $(if [ "${IS_STAGE}" = "true" ]; then echo "-x"; fi)) && \
-    PACKAGE_NAME=$(bash build-scripts/baptizer.sh \
-        -a ${ARCHITECTURE} \
-        -d ${DISTRIBUTION} \
-        -r ${REVISION} \
-        -l ${PLUGINS_HASH} \
-        -e ${REPORTING_HASH} \
-        $(if [ "${IS_STAGE}" = "true" ]; then echo "-x"; fi)) && \
-    bash build-scripts/build.sh \
-        -a ${ARCHITECTURE} \
-        -d ${DISTRIBUTION} \
-        -n ${PACKAGE_MIN_NAME} && \
-    bash build-scripts/assemble.sh \
-        -a ${ARCHITECTURE} \
-        -d ${DISTRIBUTION} \
-        -r ${REVISION} && \
-    mkdir -p /artifacts/dist/ && \
-    mv artifacts/dist/${PACKAGE_NAME} /artifacts/dist/
+# Entry point to the build script
+ENTRYPOINT ["./entrypoint.sh"]

docker/builder/entrypoint.sh

@@ -0,0 +1,146 @@
+#!/bin/bash
+
+# Exit immediately if a command exits with a non-zero status.
+set -e
+
+# Set default values for environment variables
+INDEXER_BRANCH=${INDEXER_BRANCH:-master}
+INDEXER_PLUGINS_BRANCH=${INDEXER_PLUGINS_BRANCH:-master}
+INDEXER_REPORTING_BRANCH=${INDEXER_REPORTING_BRANCH:-master}
+REVISION=${REVISION:-0}
+IS_STAGE=${IS_STAGE:-false}
+DISTRIBUTION=${DISTRIBUTION:-tar}
+ARCHITECTURE=${ARCHITECTURE:-x64}
+
+# Function to clone repositories
+clone_repositories() {
+    echo "----------------------------------------"
+    echo "Cloning Repositories"
+    echo "----------------------------------------"
+    git clone --branch "$INDEXER_BRANCH" https://github.com/wazuh/wazuh-indexer --depth 1 /home/indexer/wazuh-indexer
+    git clone --branch "$INDEXER_PLUGINS_BRANCH" https://github.com/wazuh/wazuh-indexer-plugins --depth 1 /home/indexer/wazuh-indexer-plugins
+    git clone --branch "$INDEXER_REPORTING_BRANCH" https://github.com/wazuh/wazuh-indexer-reporting --depth 1 /home/indexer/wazuh-indexer-reporting
+}
+
+# Function to build wazuh-indexer-plugins
+build_plugins() {
+    echo "----------------------------------------"
+    echo "Building Plugins"
+    echo "----------------------------------------"
+    local version="$1"
+    local revision="$2"
+    cd /home/indexer/wazuh-indexer-plugins/plugins/setup
+    echo "Building setup plugin..."
+    ./gradlew build -Dversion="$version" -Drevision="$revision" --no-daemon
+    cd /home/indexer/wazuh-indexer-plugins/plugins/command-manager
+    echo "Building command-manager plugin..."
+    ./gradlew build -Dversion="$version" -Drevision="$revision" --no-daemon
+}
+
+# Function to build wazuh-indexer-reporting
+build_reporting() {
+    echo "----------------------------------------"
+    echo "Building Reporting"
+    echo "----------------------------------------"
+    local version="$1"
+    local revision="$2"
+    cd /home/indexer/wazuh-indexer-reporting
+    echo "Building reporting..."
+    ./gradlew build -Dversion="$version" -Drevision="$revision" --no-daemon
+}
+
+# Function to copy builds
+copy_builds() {
+    echo "----------------------------------------"
+    echo "Copying Builds"
+    echo "----------------------------------------"
+    local version="$1"
+    local revision="$2"
+    mkdir -p /home/indexer/wazuh-indexer/artifacts/plugins
+    echo "Copying setup plugin..."
+    cp /home/indexer/wazuh-indexer-plugins/plugins/setup/build/distributions/wazuh-indexer-setup-"$version"."$revision".zip /home/indexer/wazuh-indexer/artifacts/plugins
+    echo "Copying command-manager plugin..."
+    cp /home/indexer/wazuh-indexer-plugins/plugins/command-manager/build/distributions/wazuh-indexer-command-manager-"$version"."$revision".zip /home/indexer/wazuh-indexer/artifacts/plugins
+    echo "Copying reporting..."
+    cp /home/indexer/wazuh-indexer-reporting/build/distributions/wazuh-indexer-reports-scheduler-"$version"."$revision".zip /home/indexer/wazuh-indexer/artifacts/plugins
+}
+
+# Function for packaging process
+package_artifacts() {
+    echo "----------------------------------------"
+    echo "Packaging Artifacts"
+    echo "----------------------------------------"
+    local architecture="$1"
+    local distribution="$2"
+    local revision="$3"
+    local is_stage="$4"
+
+    local plugins_hash
+    local reporting_hash
+    local package_min_name
+    local package_name
+
+    cd /home/indexer/wazuh-indexer
+
+    plugins_hash=$(cd /home/indexer/wazuh-indexer-plugins && git rev-parse --short HEAD)
+    reporting_hash=$(cd /home/indexer/wazuh-indexer-reporting && git rev-parse --short HEAD)
+
+    echo "Creating package minimum name..."
+    package_min_name=$(bash build-scripts/baptizer.sh -m \
+        -a "$architecture" \
+        -d "$distribution" \
+        -r "$revision" \
+        -l "$plugins_hash" \
+        -e "$reporting_hash" \
+        "$(if [ "$is_stage" = "true" ]; then echo "-x"; fi)")
+
+    echo "Creating package name..."
+    package_name=$(bash build-scripts/baptizer.sh \
+        -a "$architecture" \
+        -d "$distribution" \
+        -r "$revision" \
+        -l "$plugins_hash" \
+        -e "$reporting_hash" \
+        "$(if [ "$is_stage" = "true" ]; then echo "-x"; fi)")
+
+    echo "Building package..."
+    bash build-scripts/build.sh -a "$architecture" -d "$distribution" -n "$package_min_name"
+    echo "Assembling package..."
+    bash build-scripts/assemble.sh -a "$architecture" -d "$distribution" -r "$revision"
+
+    mkdir -p /artifacts/dist/
+    echo "Moving package to artifacts..."
+    mv /home/indexer/wazuh-indexer/artifacts/dist/"$package_name" /artifacts/
+}
+
+# Function for cleanup
+cleanup() {
+    echo "----------------------------------------"
+    echo "Cleaning Up"
+    echo "----------------------------------------"
+    rm -rf /home/indexer/wazuh-indexer
+    rm -rf /home/indexer/wazuh-indexer-plugins
+    rm -rf /home/indexer/wazuh-indexer-reporting
+    echo "Cleanup completed."
+}
+
+# Main script execution
+main() {
+    echo "---------Starting Build Process---------"
+    clone_repositories
+    # Set version env var
+    VERSION=$(cat /home/indexer/wazuh-indexer/VERSION)
+    # Build and assemble the package
+    build_plugins "$VERSION" "$REVISION"
+    build_reporting "$VERSION" "$REVISION"
+    copy_builds "$VERSION" "$REVISION"
+    package_artifacts "$ARCHITECTURE" "$DISTRIBUTION" "$REVISION" "$IS_STAGE"
+    # Clean the environment
+    cleanup
+    echo "----------------------------------------"
+    echo "Build and Packaging Process Completed Successfully!"
+    echo "----------------------------------------"
+}
+
+# Execute the main function
+main