Fix generator.sh path on Dockerfile and update GHA to work with multi…

…ple modules at once

.github/workflows/generate-ecs-mappings.yml

@@ -21,26 +21,32 @@ jobs:
       - name: Set up Docker Compose
         run: sudo apt-get install docker-compose
 
-      - name: Extract ECS Module and Run ECS Generator
+      - name: Extract ECS Modules and Run ECS Generator
         id: run-ecs-generator
         run: |
           # Fetch base branch
           git fetch origin +refs/heads/master:refs/remotes/origin/master
 
-          # Extract the ECS module name from the modified files
+          # Extract the ECS module names from the modified files
           modified_files=$(git diff --name-only origin/master)
-          ecs_module=""
+          updated_modules=()
           for file in $modified_files; do
             if [[ $file == ecs/* ]]; then
               ecs_module=$(echo $file | cut -d'/' -f2)
-              break
+              if [[ ! " ${updated_modules[*]} " =~ " ${ecs_module} " ]]; then
+                updated_modules+=("$ecs_module")
+              fi
             fi
           done
 
-          if [[ -n "$ecs_module" ]]; then
-            # Run the ECS generator script
-            bash docker/ecs/mapping-generator.sh run "$ecs_module"
-            echo "ecs_module=$ecs_module" >> $GITHUB_ENV
+          if [[ ${#updated_modules[@]} -gt 0 ]]; then
+            export REPO_PATH=$(pwd)
+            for ecs_module in "${updated_modules[@]}"; do
+              # Run the ECS generator script for each module
+              bash docker/ecs/mapping-generator.sh run "$ecs_module"
+              echo "Processed ECS module: $ecs_module"
+            done
+            echo "updated_modules=${updated_modules[*]}" >> $GITHUB_ENV
           else
             echo "No modifications detected in ecs/ directory."
             exit 0
@@ -55,7 +61,7 @@ jobs:
         uses: actions/upload-artifact@v4
         with:
           name: ecs-template
-          path: ecs/${{ env.ecs_module }}/mappings/v8.11.0/generated/elasticsearch/legacy/template.json
+          path: ecs/**/mappings/v8.11.0/generated/elasticsearch/legacy/template.json
 
       - name: Checkout target repository
         uses: actions/checkout@v4
@@ -64,9 +70,9 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
           path: wazuh-indexer-plugins
 
-      - name: Copy generated file to target repository
+      - name: Copy generated files to target repository
         run: |
-          # Map ECS module to target JSON filename
+          # Map ECS modules to target JSON filenames
           declare -A module_to_file=(
             [agent]="index-template-agent.json"
             [alerts]="index-template-alerts.json"
@@ -83,31 +89,42 @@ jobs:
             [vulnerabilities]="index-template-vulnerabilities.json"
           )
 
-          target_file=${module_to_file[${{ env.ecs_module }}]}
-          if [[ -z "$target_file" ]]; then
-            echo "No corresponding file for module ${{ env.ecs_module }}"
-            exit 1
-          fi
+          for ecs_module in ${updated_modules[@]}; do
+            target_file=${module_to_file[$ecs_module]}
+            if [[ -z "$target_file" ]]; then
+              echo "No corresponding file for module $ecs_module"
+              exit 1
+            fi
 
-          mkdir -p wazuh-indexer-plugins/plugins/setup/src/main/resources/
-          cp ecs/${{ env.ecs_module }}/mappings/v8.11.0/generated/elasticsearch/legacy/template.json wazuh-indexer-plugins/plugins/setup/src/main/resources/$target_file
+            mkdir -p wazuh-indexer-plugins/plugins/setup/src/main/resources/
+            cp ecs/$ecs_module/mappings/v8.11.0/generated/elasticsearch/legacy/template.json wazuh-indexer-plugins/plugins/setup/src/main/resources/$target_file
+          done
 
       - name: Commit and push changes
         run: |
           cd wazuh-indexer-plugins
           git config --global user.email "[email protected]"
           git config --global user.name "GitHub Actions"
-          git checkout -b update-ecs-template-${{ env.ecs_module }}
+
+          branch_name="update-ecs-templates"
+
+          # Check if branch exists
+          if git ls-remote --heads origin $branch_name | grep $branch_name; then
+            git checkout $branch_name
+          else
+            git checkout -b $branch_name
+          fi
+
           git add .
-          git commit -m "Update ECS template for module ${{ env.ecs_module }}"
-          git push origin update-ecs-template-${{ env.ecs_module }}
+          git commit -m "Update ECS templates for modified modules: $updated_modules"
+          git push origin $branch_name
 
       - name: Create Pull Request
         uses: peter-evans/create-pull-request@v4
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: "Update ECS template for module ${{ env.ecs_module }}"
-          branch: update-ecs-template-${{ env.ecs_module }}
-          title: "Update ECS template for module ${{ env.ecs_module }}"
-          body: "This PR updates the ECS template for the ${{ env.ecs_module }} module."
+          commit-message: "Update ECS templates for modified modules: $updated_modules"
+          branch: update-ecs-templates
+          title: "Update ECS templates for modified modules: $updated_modules"
+          body: "This PR updates the ECS templates for the following modules: $updated_modules."
           base: master

docker/ecs/images/Dockerfile

@@ -15,7 +15,7 @@ RUN apt-get update && \
     mkdir -p /source/ecs
 
 # Ensure the generate.sh script is in the correct location
-ADD docker/ecs/images/generate.sh /ecs/generator.sh
+ADD docker/ecs/images/generator.sh /ecs/generator.sh
 
 # Define the directory as a volume to allow for external mounting
 VOLUME /source/ecs

ecs/alerts/fields/mapping-settings.json

@@ -1,4 +1,4 @@
 {
-    "dynamic": true,
+    "dynamic": "strict",
     "date_detection": false
 }