.github/workflows/build_wazuh_dashboard_with_plugins.yml

Build packages #119

Workflow file for this run

.github/workflows/build_wazuh_dashboard_with_plugins.yml at c7481c0

	run-name: Build packages ${{ inputs.id }}

	on:
	workflow_dispatch:
	inputs:
	system:
	type: choice
	description: 'Package OS'
	required: true
	options:
	- deb
	- rpm
	default: 'deb'
	architecture:
	type: choice
	description: 'Package architecture'
	required: true
	options:
	- amd64
	- x86_64
	default: amd64
	revision:
	type: string
	description: 'Package revision'
	required: true
	default: '0'
	reference_security_plugins:
	type: string
	description: 'Branch/tag/commit of the wazuh-security-dashboards-plugin repository to build the security plugin'
	required: true
	default: 'master'
	reference_wazuh_plugins:
	type: string
	description: 'Branch/tag/commit of the wazuh-dashboard-plugins repository to build the main plugins'
	required: true
	default: 'master'
	is_stage:
	type: boolean
	description: 'Set production nomenclature'
	required: true
	default: false
	checksum:
	type: boolean
	description: 'Generate package checksum'
	required: true
	default: false
	id:
	description: 'ID used to identify the workflow uniquely.'
	type: string
	required: false

	workflow_call:
	inputs:
	system:
	type: string
	required: true
	default: 'deb'
	architecture:
	type: string
	required: true
	default: amd64
	revision:
	type: string
	required: true
	default: '0'
	reference_security_plugins:
	type: string
	required: true
	default: 'master'
	reference_wazuh_plugins:
	type: string
	required: true
	default: 'master'
	is_stage:
	type: boolean
	required: true
	default: false
	checksum:
	type: boolean
	required: true
	default: false
	id:
	type: string
	required: false

	jobs:
	validate-inputs:
	runs-on: ubuntu-latest
	name: Validate inputs
	steps:
	- name: Validate inputs
	run: \|
	if [ "${{ inputs.architecture }}" = "amd64" ] && [ "${{ inputs.system }}" = "rpm" ]; then
	echo "Invalid combination of architecture and system"
	exit 1
	fi
	if [ "${{ inputs.architecture }}" = "x86_64" ] && [ "${{ inputs.system }}" = "deb" ]; then
	echo "Invalid combination of architecture and system"
	exit 1
	fi

	build-base:
	needs: [validate-inputs]
	name: Build dashboard
	uses: wazuh/wazuh-dashboard/.github/workflows/build_base.yml@bug/package-generation-branch-with-slash
	with:
	CHECKOUT_TO: ${{ github.head_ref \|\| github.ref_name }}

	build-main-plugins:
	needs: [validate-inputs]
	name: Build plugins
	uses: wazuh/wazuh-dashboard-plugins/.github/workflows/[email protected]
	with:
	reference: ${{ inputs.reference_wazuh_plugins }}

	build-security-plugin:
	needs: [validate-inputs]
	name: Build security plugin
	uses: wazuh/wazuh-security-dashboards-plugin/.github/workflows/[email protected]
	with:
	reference: ${{ inputs.reference_security_plugins }}

	build-and-test-package:
	needs: [build-main-plugins, build-base, build-security-plugin]
	runs-on: ubuntu-latest
	name: Generate packages
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	node-version-file: '.nvmrc'
	registry-url: 'https://registry.npmjs.org'

	- name: Setup variables
	run: \|
	echo "CURRENT_DIR=$(pwd -P)" >> $GITHUB_ENV
	echo "VERSION=$(tail -c +2 VERSION)" >> $GITHUB_ENV
	echo "REVISION=$(yarn --silent wzd-revision)" >> $GITHUB_ENV
	echo "COMMIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
	if [ "${{ inputs.is_stage }}" = "true" ]; then
	echo "PRODUCTION=--production" >> $GITHUB_ENV
	fi

	- name: Setup packages names
	run: \|
	echo "WAZUH_DASHBOARD_SLIM=wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_x64.tar.gz" >> $GITHUB_ENV
	echo "WAZUH_SECURITY_PLUGIN=wazuh-security-dashboards-plugin_${{ env.VERSION }}-${{ env.REVISION }}_${{ inputs.reference_security_plugins }}.zip" >> $GITHUB_ENV
	echo "WAZUH_PLUGINS=wazuh-dashboard-plugins_${{ env.VERSION }}-${{ env.REVISION }}_${{ inputs.reference_wazuh_plugins }}.zip" >> $GITHUB_ENV
	if [ "${{ inputs.system }}" = "deb" ]; then
	if [ "${{ inputs.is_stage }}" = "true" ]; then
	echo "PACKAGE_NAME=wazuh-dashboard_${{ env.VERSION }}-${{ inputs.revision }}_${{ inputs.architecture }}.deb" >> $GITHUB_ENV
	else
	echo "PACKAGE_NAME=wazuh-dashboard_${{ env.VERSION }}-${{ inputs.revision }}_${{ inputs.architecture }}_${{ env.COMMIT_SHA}}.deb" >> $GITHUB_ENV
	fi
	else
	if [ "${{ inputs.is_stage }}" = "true" ]; then
	echo "PACKAGE_NAME=wazuh-dashboard-${{ env.VERSION }}-${{ inputs.revision }}.${{ inputs.architecture }}.rpm" >> $GITHUB_ENV
	else
	echo "PACKAGE_NAME=wazuh-dashboard_${{ env.VERSION }}-${{ inputs.revision }}_${{ inputs.architecture }}_${{ env.COMMIT_SHA}}.rpm" >> $GITHUB_ENV
	fi
	fi

	- name: Download dashboard artifact
	uses: actions/download-artifact@v3
	with:
	name: ${{ env.WAZUH_DASHBOARD_SLIM }}
	path: ${{ env.CURRENT_DIR }}/artifacts/dashboard

	- name: Download security plugin artifact
	uses: actions/download-artifact@v3
	with:
	name: ${{ env.WAZUH_SECURITY_PLUGIN }}
	path: ${{ env.CURRENT_DIR }}/artifacts/security-plugin

	- name: Download plugins artifacts
	uses: actions/download-artifact@v3
	with:
	name: ${{ env.WAZUH_PLUGINS }}
	path: ${{ env.CURRENT_DIR }}/artifacts/plugins

	- name: Zip plugins
	run: \|
	zip -r -j ${{ env.CURRENT_DIR }}/artifacts/wazuh-package.zip ${{ env.CURRENT_DIR }}/artifacts/plugins
	zip -r -j ${{ env.CURRENT_DIR }}/artifacts/security-package.zip ${{ env.CURRENT_DIR }}/artifacts/security-plugin
	zip -r -j ${{ env.CURRENT_DIR }}/artifacts/dashboard-package.zip ${{ env.CURRENT_DIR }}/artifacts/dashboard/${{ env.WAZUH_DASHBOARD_SLIM }}

	- name: Build package
	run: \|
	cd ${{ env.CURRENT_DIR }}/dev-tools/build-packages
	bash ./build-packages.sh \
	-v ${{ env.VERSION }} \
	-r ${{ inputs.revision }} \
	-a file://${{env.CURRENT_DIR}}/artifacts/wazuh-package.zip \
	-s file://${{env.CURRENT_DIR}}/artifacts/security-package.zip \
	-b file://${{env.CURRENT_DIR}}/artifacts/dashboard-package.zip \
	--${{ inputs.system }} ${{ env.PRODUCTION }}

	- name: Test package
	run: \|
	cd ${{ env.CURRENT_DIR }}/dev-tools/test-packages
	ls -la ${{ env.CURRENT_DIR }}/dev-tools/build-packages/output/${{ inputs.system }}
	cp ${{ env.CURRENT_DIR }}/dev-tools/build-packages/output/${{ inputs.system }}/${{env.PACKAGE_NAME}} ${{ env.CURRENT_DIR }}/dev-tools/test-packages/${{ inputs.system }}
	bash ./test-packages.sh \
	-p ${{env.PACKAGE_NAME}}

	- name: Set up AWS CLI
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY }}
	aws-secret-access-key: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY }}
	aws-region: ${{ secrets.CI_AWS_REGION }}

	- name: Upload package
	run: \|
	echo "Uploading package"
	aws s3 cp ${{ env.CURRENT_DIR }}/dev-tools/build-packages/output/${{ inputs.system }}/${{env.PACKAGE_NAME}} s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/
	if [ "${{ inputs.checksum }}" = "true" ]; then
	echo "Uploading checksum"
	aws s3 cp ${{ env.CURRENT_DIR }}/dev-tools/build-packages/output/${{ inputs.system }}/${{env.PACKAGE_NAME}}.sha512 s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build packages #119

Workflow file

Build packages #119

Jobs

Run details

Workflow file for this run