From c3b99d17bc45900175c47a0194ab50f42e510ac2 Mon Sep 17 00:00:00 2001 From: quebim Date: Fri, 13 Dec 2024 17:03:22 -0300 Subject: [PATCH] Fix generator.sh path on Dockerfile and update GHA to work with multiple modules at once --- .github/workflows/generate-ecs-mappings.yml | 67 +++++++++++++-------- docker/ecs/images/Dockerfile | 2 +- ecs/alerts/fields/mapping-settings.json | 2 +- 3 files changed, 44 insertions(+), 27 deletions(-) diff --git a/.github/workflows/generate-ecs-mappings.yml b/.github/workflows/generate-ecs-mappings.yml index 0ed917229f3fe..cc8f01d0d8d2e 100644 --- a/.github/workflows/generate-ecs-mappings.yml +++ b/.github/workflows/generate-ecs-mappings.yml @@ -21,26 +21,32 @@ jobs: - name: Set up Docker Compose run: sudo apt-get install docker-compose - - name: Extract ECS Module and Run ECS Generator + - name: Extract ECS Modules and Run ECS Generator id: run-ecs-generator run: | # Fetch base branch git fetch origin +refs/heads/master:refs/remotes/origin/master - # Extract the ECS module name from the modified files + # Extract the ECS module names from the modified files modified_files=$(git diff --name-only origin/master) - ecs_module="" + updated_modules=() for file in $modified_files; do if [[ $file == ecs/* ]]; then ecs_module=$(echo $file | cut -d'/' -f2) - break + if [[ ! " ${updated_modules[*]} " =~ " ${ecs_module} " ]]; then + updated_modules+=("$ecs_module") + fi fi done - if [[ -n "$ecs_module" ]]; then - # Run the ECS generator script - bash docker/ecs/mapping-generator.sh run "$ecs_module" - echo "ecs_module=$ecs_module" >> $GITHUB_ENV + if [[ ${#updated_modules[@]} -gt 0 ]]; then + export REPO_PATH=$(pwd) + for ecs_module in "${updated_modules[@]}"; do + # Run the ECS generator script for each module + bash docker/ecs/mapping-generator.sh run "$ecs_module" + echo "Processed ECS module: $ecs_module" + done + echo "updated_modules=${updated_modules[*]}" >> $GITHUB_ENV else echo "No modifications detected in ecs/ directory." exit 0 @@ -55,7 +61,7 @@ jobs: uses: actions/upload-artifact@v4 with: name: ecs-template - path: ecs/${{ env.ecs_module }}/mappings/v8.11.0/generated/elasticsearch/legacy/template.json + path: ecs/**/mappings/v8.11.0/generated/elasticsearch/legacy/template.json - name: Checkout target repository uses: actions/checkout@v4 @@ -64,9 +70,9 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} path: wazuh-indexer-plugins - - name: Copy generated file to target repository + - name: Copy generated files to target repository run: | - # Map ECS module to target JSON filename + # Map ECS modules to target JSON filenames declare -A module_to_file=( [agent]="index-template-agent.json" [alerts]="index-template-alerts.json" @@ -83,31 +89,42 @@ jobs: [vulnerabilities]="index-template-vulnerabilities.json" ) - target_file=${module_to_file[${{ env.ecs_module }}]} - if [[ -z "$target_file" ]]; then - echo "No corresponding file for module ${{ env.ecs_module }}" - exit 1 - fi + for ecs_module in ${updated_modules[@]}; do + target_file=${module_to_file[$ecs_module]} + if [[ -z "$target_file" ]]; then + echo "No corresponding file for module $ecs_module" + exit 1 + fi - mkdir -p wazuh-indexer-plugins/plugins/setup/src/main/resources/ - cp ecs/${{ env.ecs_module }}/mappings/v8.11.0/generated/elasticsearch/legacy/template.json wazuh-indexer-plugins/plugins/setup/src/main/resources/$target_file + mkdir -p wazuh-indexer-plugins/plugins/setup/src/main/resources/ + cp ecs/$ecs_module/mappings/v8.11.0/generated/elasticsearch/legacy/template.json wazuh-indexer-plugins/plugins/setup/src/main/resources/$target_file + done - name: Commit and push changes run: | cd wazuh-indexer-plugins git config --global user.email "github-actions@github.com" git config --global user.name "GitHub Actions" - git checkout -b update-ecs-template-${{ env.ecs_module }} + + branch_name="update-ecs-templates" + + # Check if branch exists + if git ls-remote --heads origin $branch_name | grep $branch_name; then + git checkout $branch_name + else + git checkout -b $branch_name + fi + git add . - git commit -m "Update ECS template for module ${{ env.ecs_module }}" - git push origin update-ecs-template-${{ env.ecs_module }} + git commit -m "Update ECS templates for modified modules: $updated_modules" + git push origin $branch_name - name: Create Pull Request uses: peter-evans/create-pull-request@v4 with: token: ${{ secrets.GITHUB_TOKEN }} - commit-message: "Update ECS template for module ${{ env.ecs_module }}" - branch: update-ecs-template-${{ env.ecs_module }} - title: "Update ECS template for module ${{ env.ecs_module }}" - body: "This PR updates the ECS template for the ${{ env.ecs_module }} module." + commit-message: "Update ECS templates for modified modules: $updated_modules" + branch: update-ecs-templates + title: "Update ECS templates for modified modules: $updated_modules" + body: "This PR updates the ECS templates for the following modules: $updated_modules." base: master diff --git a/docker/ecs/images/Dockerfile b/docker/ecs/images/Dockerfile index f0b491786d19f..0153810699146 100644 --- a/docker/ecs/images/Dockerfile +++ b/docker/ecs/images/Dockerfile @@ -15,7 +15,7 @@ RUN apt-get update && \ mkdir -p /source/ecs # Ensure the generate.sh script is in the correct location -ADD docker/ecs/images/generate.sh /ecs/generator.sh +ADD docker/ecs/images/generator.sh /ecs/generator.sh # Define the directory as a volume to allow for external mounting VOLUME /source/ecs diff --git a/ecs/alerts/fields/mapping-settings.json b/ecs/alerts/fields/mapping-settings.json index f176a1c52e87f..43be8693577e8 100644 --- a/ecs/alerts/fields/mapping-settings.json +++ b/ecs/alerts/fields/mapping-settings.json @@ -1,4 +1,4 @@ { - "dynamic": true, + "dynamic": "strict", "date_detection": false }