wazuh · AlexRuiz7 · Dec 26, 2023 · Dec 13, 2023 · Dec 13, 2023 · Dec 14, 2023
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,62 +1,60 @@
-name: Build slim packages
+name: Build packages
 
 # This workflow runs when any of the following occur:
-  # - Run manually
+# - Run manually
 on:
   workflow_dispatch:
-
-
-# Used to run locally using https://github.com/nektos/act
-env:
-  ACT: 
-  VERSION: 2.11.0
-  SNAPSHOT: false
-  PLATFORM: linux
-  BUILD: bash scripts/build.sh
-
+    inputs:
+      revision:
+        # description:
+        default: "1"
+        required: false
+        type: string
+
+# ==========================
+# Bibliography
+# ==========================
+#
+# * Reusable workflows: limitations
+#   | https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
+# * Using matrix in reusable workflows:
+#   | https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-a-matrix-strategy-with-a-reusable-workflow
+# * Reading input from the called workflow
+#   | https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs
 
 jobs:
+  version:
+    uses: ./.github/workflows/r_version.yml
+
   build:
-    runs-on: ubuntu-latest
-    # Permissions to upload the package
-    permissions:
-      packages: write
-      contents: read
+    needs: version
     strategy:
-        matrix:
-          # act is resource-heavy. Avoid running parallel builds with it:
-          # DISTRIBUTION: [ rpm ]
-          # ARCHITECTURE: [ x64 ]
-          DISTRIBUTION: [ tar, rpm, deb ]
-          ARCHITECTURE: [ x64, arm64 ]
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v3
-      with:
-        distribution: temurin
-        java-version: 11
-
-    - name: Setup Gradle
-      uses: gradle/[email protected]
-
-    - name: Execute build script
-      run: |
-        $BUILD -v $VERSION -s $SNAPSHOT -p $PLATFORM -a ${{ matrix.ARCHITECTURE }} -d ${{ matrix.DISTRIBUTION }}
-
-    # The package name is stored in the artifacts/artifact_name.txt file
-    - name: Read package name
-      id: package_name
-      run: |
-        echo $(ls -la)
-        echo "package_name=$(cat artifacts/artifact_name.txt)" >> $GITHUB_OUTPUT
-        echo "$(cat artifacts/artifact_name.txt)"
-
-    - name: Upload artifact
-      uses: actions/upload-artifact@v3
-      with:
-        name: ${{ steps.package_name.outputs.package_name }}
-        path: artifacts/dist/${{ steps.package_name.outputs.package_name }}
-        if-no-files-found: error
-
-  # assemble:
-  # release:
+      matrix:
+        distribution: [tar, rpm, deb]
+        architecture: [x64, arm64]
+    uses: ./.github/workflows/r_build.yml
+    with:
+      architecture: ${{ matrix.architecture }}
+      distribution: ${{ matrix.distribution }}
+      name: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
+      # wazuh-indexer-min_4.8.0-rc1_x64_ff98475f.deb
+      # TODO arm64 != amd64 (deb), x64 != x86_64 (rpm)
+      # TODO use short SHA https://stackoverflow.com/a/59819441/13918537
+
+  assemble:
+    needs: [version, build]
+    strategy:
+      matrix:
+        distribution: [tar, rpm, deb]
+        architecture: [x64, arm64]
+        exclude:
+          # skip arm64 until we have arm runners
+          - architecture: arm64
+          - distribution: [tar, deb] # Exclude deb assembly until it's implemented
+
+    uses: ./.github/workflows/r_assemble.yml
+    with:
+      architecture: ${{ matrix.architecture }}
+      distribution: ${{ matrix.distribution }}
+      min: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
+      name: wazuh-indexer_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
diff --git a/.github/workflows/r_assemble.yml b/.github/workflows/r_assemble.yml
@@ -0,0 +1,58 @@
+name: Assemble (reusable)
+
+# This workflow runs when any of the following occur:
+# - Run from another workflow
+on:
+  workflow_call:
+    inputs:
+      distribution:
+        description: 'One of [ "tar", "rpm", "deb" ]'
+        default: "rpm"
+        required: false
+        type: string
+      architecture:
+        description: 'One of [ "x64", "arm64" ]'
+        default: "x64"
+        required: false
+        type: string
+      min:
+        description: The name of the package to download.
+        required: true
+        type: string
+      name:
+        description: The name of the package to upload.
+        required: true
+        type: string
+
+jobs:
+  r_assemble:
+    runs-on: ubuntu-latest
+    # Permissions to upload the package
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - uses: actions/checkout@v4
+      - name: Download artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ inputs.min }}
+          path: artifacts/dist
+
+      - name: Run `assemble.sh`
+        run: |
+          bash scripts/assemble.sh -v ${{ vars.OPENSEARCH_VERSION }} -p linux -a ${{ inputs.architecture }} -d ${{ inputs.distribution }}
+
+      # The package's name is stored in artifacts/artifact_name.txt.
+      - name: Set package name
+        id: get_name
+        run: |
+          echo "name=$(cat artifacts/artifact_name.txt)" >> $GITHUB_OUTPUT
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ inputs.name }}
+          path: artifacts/dist/${{ steps.get_name.outputs.name }}
+          if-no-files-found: error
+
diff --git a/.github/workflows/r_build.yml b/.github/workflows/r_build.yml
@@ -0,0 +1,53 @@
+name: Build (reusable)
+
+# This workflow runs when any of the following occur:
+# - Run from another workflow
+on:
+  workflow_call:
+    inputs:
+      distribution:
+        description: 'One of [ "tar", "rpm", "deb" ]'
+        default: "rpm"
+        required: false
+        type: string
+      architecture:
+        description: 'One of [ "x64", "arm64" ]'
+        default: "x64"
+        required: false
+        type: string
+      name:
+        type: string
+
+jobs:
+  r_build:
+    runs-on: ubuntu-latest
+    # Permissions to upload the package
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: 11
+
+      - name: Setup Gradle
+        uses: gradle/[email protected]
+
+      - name: Run `build.sh`
+        run: |
+          bash scripts/build.sh -v ${{ vars.OPENSEARCH_VERSION }} -s false -p linux -a ${{ inputs.architecture }} -d ${{ inputs.distribution }}
+
+      # The package's name is stored in artifacts/artifact_name.txt.
+      - name: Set package name
+        id: get_name
+        run: |
+          echo "name=$(cat artifacts/artifact_name.txt)" >> $GITHUB_OUTPUT
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ inputs.name }}
+          path: artifacts/dist/${{ steps.get_name.outputs.name }}
+          if-no-files-found: error
diff --git a/.github/workflows/r_version.yml b/.github/workflows/r_version.yml
@@ -0,0 +1,22 @@
+name: Version (reusable)
+
+# This workflow runs when any of the following occur:
+# - Run from another workflow
+on:
+  workflow_call:
+    outputs:
+      version:
+        description: "Returns the version of Wazuh"
+        value: ${{ jobs.r_version.outputs.version }}
+
+jobs:
+  r_version:
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.get_version.outputs.version }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Read 'VERSION'
+        id: get_version
+        run: |
+          echo "version=$(cat VERSION)" >> $GITHUB_OUTPUT
diff --git a/distribution/packages/build.gradle b/distribution/packages/build.gradle
@@ -298,13 +298,13 @@ apply plugin: 'com.netflix.nebula.ospackage-base'
 
 // this is package indepdendent configuration
 ospackage {
-  maintainer 'OpenSearch Team <opensearch@amazon.com>'
+  maintainer 'Wazuh, Inc <info@wazuh.com>'
   summary 'Distributed RESTful search engine built for the cloud'
   packageDescription '''
     Reference documentation can be found at
-    https://github.com/opensearch-project/OpenSearch
+    https://documentation.wazuh.com/current/getting-started/components/wazuh-indexer.html
   '''.stripIndent().trim()
-  url 'https://github.com/opensearch-project/OpenSearch'
+  url 'https://documentation.wazuh.com/current/getting-started/components/wazuh-indexer.html'
 
   // signing setup
   if (project.hasProperty('signing.password') && BuildParams.isSnapshotBuild() == false) {

diff --git a/distribution/packages/src/rpm/wazuh-indexer-performance-analyzer.service b/distribution/packages/src/rpm/wazuh-indexer-performance-analyzer.service
@@ -0,0 +1,21 @@
+# Copyright OpenSearch Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# The OpenSearch Contributors require contributions made to
+# this file be licensed under the Apache-2.0 license or a
+# compatible open source license.
+
+[Unit]
+Description=wazuh-indexer Performance Analyzer
+
+[Service]
+Type=simple
+ExecStart=/usr/share/wazuh-indexer/bin/wazuh-indexer-performance-analyzer/performance-analyzer-agent-cli
+Restart=on-failure
+User=wazuh-indexer
+Group=wazuh-indexer
+EnvironmentFile=-/etc/sysconfig/wazuh-indexer
+WorkingDirectory=/usr/share/wazuh-indexer
+
+[Install]
+WantedBy=multi-user.target