Build deb wazuh-dashboard on amd64 #448
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| run-name: Build ${{ inputs.system }} wazuh-dashboard on ${{ inputs.architecture }} ${{ inputs.is_stage && '- is stage' || '' }} ${{ inputs.checksum && '- checksum' || '' }} ${{ inputs.id }} | |
| name: Build Wazuh dashboard with plugins | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| system: | |
| type: choice | |
| description: 'Package OS' | |
| required: true | |
| options: | |
| - deb | |
| - rpm | |
| default: 'deb' | |
| architecture: | |
| type: choice | |
| description: 'Package architecture' | |
| required: true | |
| options: | |
| - amd64 | |
| - x86_64 | |
| - aarch64 | |
| - arm64 | |
| default: amd64 | |
| revision: | |
| type: string | |
| description: 'Package revision' | |
| required: true | |
| default: '0' | |
| reference_security_plugins: | |
| type: string | |
| description: 'Branch/tag/commit of the wazuh-security-dashboards-plugin repository to build the security plugin' | |
| required: true | |
| default: 'master' | |
| reference_wazuh_plugins: | |
| type: string | |
| description: 'Branch/tag/commit of the wazuh-dashboard-plugins repository to build the main plugins' | |
| required: true | |
| default: 'master' | |
| is_stage: | |
| type: boolean | |
| description: 'Set production nomenclature' | |
| required: true | |
| default: false | |
| checksum: | |
| type: boolean | |
| description: 'Generate package checksum' | |
| required: true | |
| default: false | |
| id: | |
| description: 'ID used to identify the workflow uniquely.' | |
| type: string | |
| required: false | |
| workflow_call: | |
| inputs: | |
| system: | |
| type: string | |
| required: true | |
| default: 'deb' | |
| architecture: | |
| type: string | |
| required: true | |
| default: amd64 | |
| revision: | |
| type: string | |
| required: true | |
| default: '0' | |
| reference_security_plugins: | |
| type: string | |
| required: true | |
| default: 'master' | |
| reference_wazuh_plugins: | |
| type: string | |
| required: true | |
| default: 'master' | |
| is_stage: | |
| type: boolean | |
| required: true | |
| default: false | |
| checksum: | |
| type: boolean | |
| required: true | |
| default: false | |
| id: | |
| type: string | |
| required: false | |
| jobs: | |
| setup-variables: | |
| runs-on: ubuntu-latest | |
| name: Setup variables | |
| outputs: | |
| CURRENT_DIR: ${{ steps.setup-variables.outputs.CURRENT_DIR }} | |
| VERSION: ${{ steps.setup-variables.outputs.VERSION }} | |
| REVISION: ${{ steps.setup-variables.outputs.REVISION }} | |
| COMMIT_SHA: ${{ steps.setup-variables.outputs.COMMIT_SHA }} | |
| PRODUCTION: ${{ steps.setup-variables.outputs.PRODUCTION }} | |
| WAZUH_DASHBOARD_SLIM: ${{ steps.setup-variables.outputs.WAZUH_DASHBOARD_SLIM }} | |
| WAZUH_SECURITY_PLUGIN: ${{ steps.setup-variables.outputs.WAZUH_SECURITY_PLUGIN }} | |
| WAZUH_PLUGINS: ${{ steps.setup-variables.outputs.WAZUH_PLUGINS }} | |
| PACKAGE_NAME: ${{ steps.setup-variables.outputs.PACKAGE_NAME }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup variables | |
| id: setup-variables | |
| run: | | |
| CURRENT_DIR=$(pwd -P) | |
| VERSION=$(tail -c +2 VERSION) | |
| REVISION=$(yarn --silent wzd-revision) | |
| COMMIT_SHA=$(git rev-parse --short HEAD) | |
| if [ "${{ inputs.is_stage }}" = "true" ]; then | |
| PRODUCTION=--production | |
| else | |
| PRODUCTION="" | |
| fi | |
| WAZUH_DASHBOARD_SLIM=wazuh-dashboard_${VERSION}-${REVISION}_${{ (inputs.ARCHITECTURE == 'x86_64' || inputs.ARCHITECTURE == 'amd64') && 'x64' || 'arm64' }}.tar.gz | |
| WAZUH_SECURITY_PLUGIN=wazuh-security-dashboards-plugin_${VERSION}-${REVISION}_${{ inputs.reference_security_plugins }}.zip | |
| WAZUH_PLUGINS=wazuh-dashboard-plugins_${VERSION}-${REVISION}_${{ inputs.reference_wazuh_plugins }}.zip | |
| if [ "${{ inputs.system }}" = "deb" ]; then | |
| if [ "${{ inputs.is_stage }}" = "true" ]; then | |
| PACKAGE_NAME=wazuh-dashboard_${VERSION}-${{ inputs.revision }}_${{ inputs.architecture }}.deb | |
| else | |
| PACKAGE_NAME=wazuh-dashboard_${VERSION}-${{ inputs.revision }}_${{ inputs.architecture }}_${COMMIT_SHA}.deb | |
| fi | |
| else | |
| if [ "${{ inputs.is_stage }}" = "true" ]; then | |
| PACKAGE_NAME=wazuh-dashboard-${VERSION}-${{ inputs.revision }}.${{ inputs.architecture }}.rpm | |
| else | |
| PACKAGE_NAME=wazuh-dashboard_${VERSION}-${{ inputs.revision }}_${{ inputs.architecture }}_${COMMIT_SHA}.rpm | |
| fi | |
| fi | |
| echo "CURRENT_DIR=$CURRENT_DIR" >> $GITHUB_OUTPUT | |
| echo "VERSION=$VERSION" >> $GITHUB_OUTPUT | |
| echo "REVISION=$REVISION" >> $GITHUB_OUTPUT | |
| echo "COMMIT_SHA=$COMMIT_SHA" >> $GITHUB_OUTPUT | |
| echo "PRODUCTION=$PRODUCTION" >> $GITHUB_OUTPUT | |
| echo "WAZUH_DASHBOARD_SLIM=$WAZUH_DASHBOARD_SLIM" >> $GITHUB_OUTPUT | |
| echo "WAZUH_SECURITY_PLUGIN=$WAZUH_SECURITY_PLUGIN" >> $GITHUB_OUTPUT | |
| echo "WAZUH_PLUGINS=$WAZUH_PLUGINS" >> $GITHUB_OUTPUT | |
| echo "PACKAGE_NAME=$PACKAGE_NAME" >> $GITHUB_OUTPUT | |
| validate-job: | |
| runs-on: ubuntu-latest | |
| needs: setup-variables | |
| name: Validate job | |
| steps: | |
| - name: Validate inputs | |
| run: | | |
| if [[ "${{ inputs.architecture }}" == "amd64" || "${{ inputs.architecture }}" == "arm64" ]] && [[ "${{ inputs.system }}" == "rpm" ]]; then | |
| echo "Invalid combination of architecture and system" | |
| exit 1 | |
| fi | |
| if [[ "${{ inputs.architecture }}" == "x86_64" || "${{ inputs.architecture }}" == "aarch64" ]] && [[ "${{ inputs.system }}" == "deb" ]]; then | |
| echo "Invalid combination of architecture and system" | |
| exit 1 | |
| fi | |
| # - name: Set up AWS CLI | |
| # uses: aws-actions/configure-aws-credentials@v4 | |
| # with: | |
| # aws-access-key-id: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY }} | |
| # aws-secret-access-key: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY }} | |
| # aws-region: ${{ secrets.CI_AWS_REGION }} | |
| # - name: Verify if package is already built | |
| # run: | | |
| # set +e | |
| # echo "Verifying package" | |
| # PACKAGE_NAME=${{ needs.setup-variables.outputs.PACKAGE_NAME }} | |
| # exists=$(aws s3 ls s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/$PACKAGE_NAME) | |
| # if [ -n "$exists" ]; then | |
| # echo "Package already exists" | |
| # exit 1 | |
| # fi | |
| # set -e | |
| build-base: | |
| needs: [validate-job] | |
| name: Build dashboard | |
| uses: wazuh/wazuh-dashboard/.github/workflows/[email protected] | |
| with: | |
| CHECKOUT_TO: ${{ github.head_ref || github.ref_name }} | |
| ARCHITECTURE: ${{ inputs.architecture }} | |
| build-main-plugins: | |
| needs: [validate-job] | |
| name: Build plugins | |
| uses: wazuh/wazuh-dashboard-plugins/.github/workflows/[email protected] | |
| with: | |
| reference: ${{ inputs.reference_wazuh_plugins }} | |
| build-security-plugin: | |
| needs: [validate-job] | |
| name: Build security plugin | |
| uses: wazuh/wazuh-security-dashboards-plugin/.github/workflows/[email protected] | |
| with: | |
| reference: ${{ inputs.reference_security_plugins }} | |
| build-and-test-package: | |
| needs: [setup-variables, build-main-plugins, build-base, build-security-plugin] | |
| runs-on: ${{ (inputs.architecture == 'arm64' || inputs.architecture == 'aarch64') && 'wz-linux-arm64' || 'ubuntu-22.04' }} | |
| name: Generate packages | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version-file: '.nvmrc' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Download dashboard artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: ${{ needs.setup-variables.outputs.WAZUH_DASHBOARD_SLIM }} | |
| path: ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/dashboard | |
| - name: Download security plugin artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: ${{ needs.setup-variables.outputs.WAZUH_SECURITY_PLUGIN }} | |
| path: ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/security-plugin | |
| - name: Download plugins artifacts | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: ${{ needs.setup-variables.outputs.WAZUH_PLUGINS }} | |
| path: ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/plugins | |
| - name: Zip plugins | |
| run: | | |
| zip -r -j ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/wazuh-package.zip ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/plugins | |
| zip -r -j ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/security-package.zip ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/security-plugin | |
| zip -r -j ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/dashboard-package.zip ${{ needs.setup-variables.outputs.CURRENT_DIR }}/artifacts/dashboard/${{ needs.setup-variables.outputs.WAZUH_DASHBOARD_SLIM }} | |
| - name: Build package | |
| run: | | |
| cd ${{ needs.setup-variables.outputs.CURRENT_DIR }}/dev-tools/build-packages | |
| bash ./build-packages.sh \ | |
| -v ${{ needs.setup-variables.outputs.VERSION }} \ | |
| -r ${{ inputs.revision }} \ | |
| -a file://${{needs.setup-variables.outputs.CURRENT_DIR}}/artifacts/wazuh-package.zip \ | |
| -s file://${{needs.setup-variables.outputs.CURRENT_DIR}}/artifacts/security-package.zip \ | |
| -b file://${{needs.setup-variables.outputs.CURRENT_DIR}}/artifacts/dashboard-package.zip \ | |
| --${{ inputs.system }} ${{ needs.setup-variables.outputs.PRODUCTION }} | |
| - name: Test package | |
| run: | | |
| cd ${{ needs.setup-variables.outputs.CURRENT_DIR }}/dev-tools/test-packages | |
| cp ${{ needs.setup-variables.outputs.CURRENT_DIR }}/dev-tools/build-packages/output/${{needs.setup-variables.outputs.PACKAGE_NAME}} ${{ needs.setup-variables.outputs.CURRENT_DIR }}/dev-tools/test-packages/${{ inputs.system }} | |
| bash ./test-packages.sh \ | |
| -p ${{needs.setup-variables.outputs.PACKAGE_NAME}} | |
| # - name: Set up AWS CLI | |
| # uses: aws-actions/configure-aws-credentials@v4 | |
| # with: | |
| # aws-access-key-id: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY }} | |
| # aws-secret-access-key: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY }} | |
| # aws-region: ${{ secrets.CI_AWS_REGION }} | |
| # - name: Upload package | |
| # run: | | |
| # echo "Uploading package" | |
| # aws s3 cp ${{ needs.setup-variables.outputs.CURRENT_DIR }}/dev-tools/build-packages/output/${{ inputs.system }}/${{needs.setup-variables.outputs.PACKAGE_NAME}} s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/ | |
| # s3uri="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/${{needs.setup-variables.outputs.PACKAGE_NAME}}" | |
| # echo "S3 URI: ${s3uri}" | |
| # - name: Upload SHA512 | |
| # if: ${{ inputs.checksum }} | |
| # run: | | |
| # echo "Uploading checksum" | |
| # aws s3 cp ${{ needs.setup-variables.outputs.CURRENT_DIR }}/dev-tools/build-packages/output/${{ inputs.system }}/${{needs.setup-variables.outputs.PACKAGE_NAME}}.sha512 s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/ | |
| # s3uri="s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/${{needs.setup-variables.outputs.PACKAGE_NAME}}.sha512" | |
| # echo "S3 sha512 URI: ${s3uri}" |