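# Manually dispatched workflow that builds the Wazuh Puppet module and can
# optionally upload the resulting tarball to S3.
#
# The run name uses github.ref_name: this workflow declares no BRANCH_NAME
# input, so `inputs.BRANCH_NAME` always rendered as an empty string.
run-name: Build Wazuh Puppet module ${{ github.ref_name }} - Launched by @${{ github.actor }}
name: Puppet Module Builder

on:
  workflow_dispatch:
    inputs:
      # When true, the built module is copied to the S3 bucket.
      upload:
        description: "Upload ?"
        type: boolean
        default: false
      # When false, the module version gets a "-0-<short sha>" suffix.
      is_stage:
        description: "Is stage ?"
        type: boolean
        default: false

# Workflow-level permissions apply to every job and step in this file.
# NOTE(review): id-token: write is only needed by the step that assumes the
# AWS role, yet it is also available to the steps that download and install
# external packages. Consider moving the upload into its own job and granting
# id-token: write there only.
permissions:
  id-token: write  # This is required for requesting the JWT
  contents: read  # This is required for actions/checkout

env:
  # Key prefix inside the bucket; the trailing slash makes `aws s3 cp` keep
  # the source file name.
  S3_PATH: "development/wazuh/4.x/secondary/puppet-module/"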
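jobs:
  # Builds the module with PDK, publishes it as a short-lived workflow
  # artifact and, when the `upload` input is true, copies it to S3.
  build_module:
    runs-on: ubuntu-24.04
    steps:
      # NOTE(review): every `uses:` below references a mutable major-version
      # tag. This job can mint an OIDC token and assume an AWS role, so pin
      # each action to a full commit SHA (<ACTION_COMMIT_SHA>) and keep the
      # tag as a trailing comment.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Later steps only read the tree and run `git rev-parse`, so the
          # token does not need to stay in .git/config.
          persist-credentials: false

      - name: View parameters
        # Pass the expression through the environment instead of expanding it
        # inside the script text, so the shell never parses its content.
        env:
          INPUTS_JSON: ${{ toJson(inputs) }}
        run: echo "$INPUTS_JSON"

      - name: Create environment variables for workflow
        # jq is called without -r on purpose: the value stays JSON-encoded, so
        # a newline inside metadata.json remains escaped and cannot add extra
        # lines to $GITHUB_ENV. sed then strips the quote characters.
        run: |
          PUPPET_MODULE_REPO=$(jq .name "$GITHUB_WORKSPACE/metadata.json" | sed -e 's|["'\'']||g')
          PUPPET_MODULE_VERSION=$(jq .version "$GITHUB_WORKSPACE/metadata.json" | sed -e 's|["'\'']||g')
          calculatedSha=$(git rev-parse --short "$GITHUB_SHA")
          echo "PUPPET_MODULE_REPO=$PUPPET_MODULE_REPO" >> "$GITHUB_ENV"
          echo "PUPPET_MODULE_VERSION=$PUPPET_MODULE_VERSION" >> "$GITHUB_ENV"
          echo "COMMIT_SHORT_SHA=$calculatedSha" >> "$GITHUB_ENV"

      - name: Install dependencies
        run: |
          # -f makes an HTTP error fail the step instead of saving the error
          # page under the .deb name.
          # NOTE(review): the package is installed as root with no integrity
          # check beyond TLS. Compare its SHA-256 with a reviewed value
          # (<EXPECTED_SHA256>) before running dpkg.
          curl -fsSO https://apt.puppet.com/puppet-tools-release-noble.deb
          sudo dpkg -i puppet-tools-release-noble.deb
          sudo apt-get update
          # -y: there is no terminal to answer a confirmation prompt.
          sudo apt-get install -y pdk
          # NOTE(review): this sets "analytics disabled" to false, which
          # leaves PDK analytics enabled. Confirm that is intended.
          pdk set config user.analytics.disabled false --type boolean --force

      # Runs for non-stage builds only: the version suffix after the last "-"
      # is replaced with "-0-<short sha>".
      - name: Modify name for stage build
        if: ${{ inputs.is_stage == false }}
        run: |
          # NOTE(review): sde is installed unpinned from PyPI into the system
          # Python of a job that can later obtain AWS credentials. Pin an
          # exact reviewed version (sde==<PINNED_VERSION>), or set the field
          # with jq, which this workflow already uses.
          pip install sde --break-system-packages
          PUPPET_MODULE_VERSION="${PUPPET_MODULE_VERSION%-*}-0-${COMMIT_SHORT_SHA}"
          sde version "$PUPPET_MODULE_VERSION" "$GITHUB_WORKSPACE/metadata.json"
          echo "PUPPET_MODULE_VERSION=$PUPPET_MODULE_VERSION" >> "$GITHUB_ENV"

      - name: Build Wazuh Puppet module
        # Values that originate in metadata.json are read as shell variables
        # (exported through $GITHUB_ENV by earlier steps) rather than pasted
        # into the script with ${{ env.* }}.
        run: |
          mkdir -p "$GITHUB_WORKSPACE/output"
          pdk build --force --target-dir="$GITHUB_WORKSPACE/output/"
          PUPPET_MODULE_NAME="${PUPPET_MODULE_REPO}-${PUPPET_MODULE_VERSION}.tar.gz"
          echo "PUPPET_MODULE_NAME=$PUPPET_MODULE_NAME" >> "$GITHUB_ENV"

      - name: Create Puppet module artifact
        uses: actions/upload-artifact@v4
        with:
          name: Puppet module artifact
          path: ${{ github.workspace }}/output/${{ env.PUPPET_MODULE_NAME }}
          # Fail here if the tarball is missing instead of only warning.
          if-no-files-found: error
          retention-days: 1

      # NOTE(review): the upload is gated only by the `upload` input. The
      # trust policy of the IAM role should restrict the OIDC `sub` claim to
      # the repository and refs that are allowed to publish.
      - name: Configure aws credentials
        if: ${{ inputs.upload == true }}
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_IAM_PUPPET_ROLE }}
          aws-region: "${{ secrets.AWS_REGION }}"

      - name: Upload Puppet module to S3
        if: ${{ inputs.upload == true }}
        # The bucket name reaches the script through the environment, so the
        # secret is not written into the script text.
        env:
          AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
        run: aws s3 cp "$GITHUB_WORKSPACE/output/$PUPPET_MODULE_NAME" "s3://$AWS_S3_BUCKET/$S3_PATH"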