Skip to content

Commit

Permalink
Add workflow to assemble packages (#85)
Browse files Browse the repository at this point in the history
* Add script to assemble arm64 and x64 archives (tar)

* Cleanup

* Update config file with latest upstream changes

* Change packages maintainer information

* Fix wrong substitution of config files

* Update dockerignore to ignore git folder

* Update wazuh-indexer.rpm.spec

Remove unnecessary echo commands

* Add wazuh-indexer-performance-analyzer.service

Required to assembly RPM. The plugin does not install this file, so it needs to be added manually.

* Update assemble.sh

Successfully assemble RPM x64. Runner needed to arm64

* Update `build.yml`

* Add WIP documentation for packages' generation

* Test new approach using reusable workflows

* Fix errors

* Restructure reusable workflow

* Fix upload and download paths

* New try

- Adds a reusable workflow to return the version of Wazuh set in source code.
- Attempt to dynamically generate artifacts name to normalize them for usage between jobs.
- Adds revision as input for the workflow.
- Cleanup

* Emulate assemble to test upload of the reusable assembly workflow

* Add Caching Gradle dependencies

* Remove extra '-' in the packages names on the assembly job

* Final cleanup

* Enable RPM package assemble

Remove unused code

* Fix regex to get package name

* Fix download-artifact destination path

* Exclude unimplemented deb assembly

Extend example to run with Act
  • Loading branch information
AlexRuiz7 committed Mar 8, 2024
1 parent 9c698e5 commit 7a69df9
Show file tree
Hide file tree
Showing 14 changed files with 1,910 additions and 63 deletions.
106 changes: 52 additions & 54 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -1,62 +1,60 @@
name: Build slim packages
name: Build packages

# This workflow runs when any of the following occur:
# - Run manually
# - Run manually
on:
workflow_dispatch:


# Used to run locally using https://github.com/nektos/act
env:
ACT:
VERSION: 2.11.0
SNAPSHOT: false
PLATFORM: linux
BUILD: bash scripts/build.sh

inputs:
revision:
# description:
default: "1"
required: false
type: string

# ==========================
# Bibliography
# ==========================
#
# * Reusable workflows: limitations
# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
# * Using matrix in reusable workflows:
# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-a-matrix-strategy-with-a-reusable-workflow
# * Reading input from the called workflow
# | https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs

jobs:
version:
uses: ./.github/workflows/r_version.yml

build:
runs-on: ubuntu-latest
# Permissions to upload the package
permissions:
packages: write
contents: read
needs: version
strategy:
matrix:
# act is resource-heavy. Avoid running parallel builds with it:
# DISTRIBUTION: [ rpm ]
# ARCHITECTURE: [ x64 ]
DISTRIBUTION: [ tar, rpm, deb ]
ARCHITECTURE: [ x64, arm64 ]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v3
with:
distribution: temurin
java-version: 11

- name: Setup Gradle
uses: gradle/[email protected]

- name: Execute build script
run: |
$BUILD -v $VERSION -s $SNAPSHOT -p $PLATFORM -a ${{ matrix.ARCHITECTURE }} -d ${{ matrix.DISTRIBUTION }}
# The package name is stored in the artifacts/artifact_name.txt file
- name: Read package name
id: package_name
run: |
echo $(ls -la)
echo "package_name=$(cat artifacts/artifact_name.txt)" >> $GITHUB_OUTPUT
echo "$(cat artifacts/artifact_name.txt)"
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: ${{ steps.package_name.outputs.package_name }}
path: artifacts/dist/${{ steps.package_name.outputs.package_name }}
if-no-files-found: error

# assemble:
# release:
matrix:
distribution: [tar, rpm, deb]
architecture: [x64, arm64]
uses: ./.github/workflows/r_build.yml
with:
architecture: ${{ matrix.architecture }}
distribution: ${{ matrix.distribution }}
name: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
# wazuh-indexer-min_4.8.0-rc1_x64_ff98475f.deb
# TODO arm64 != amd64 (deb), x64 != x86_64 (rpm)
# TODO use short SHA https://stackoverflow.com/a/59819441/13918537

assemble:
needs: [version, build]
strategy:
matrix:
distribution: [tar, rpm, deb]
architecture: [x64, arm64]
exclude:
# skip arm64 until we have arm runners
- architecture: arm64
- distribution: [tar, deb] # Exclude deb assembly until it's implemented

uses: ./.github/workflows/r_assemble.yml
with:
architecture: ${{ matrix.architecture }}
distribution: ${{ matrix.distribution }}
min: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
name: wazuh-indexer_${{ needs.version.outputs.version }}-${{ inputs.revision }}-${{ matrix.architecture }}_${{ github.sha }}.${{ matrix.distribution }}
58 changes: 58 additions & 0 deletions .github/workflows/r_assemble.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
name: Assemble (reusable)

# This workflow runs when any of the following occur:
# - Run from another workflow
on:
workflow_call:
inputs:
distribution:
description: 'One of [ "tar", "rpm", "deb" ]'
default: "rpm"
required: false
type: string
architecture:
description: 'One of [ "x64", "arm64" ]'
default: "x64"
required: false
type: string
min:
description: The name of the package to download.
required: true
type: string
name:
description: The name of the package to upload.
required: true
type: string

jobs:
r_assemble:
runs-on: ubuntu-latest
# Permissions to upload the package
permissions:
packages: write
contents: read
steps:
- uses: actions/checkout@v4
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: ${{ inputs.min }}
path: artifacts/dist

- name: Run `assemble.sh`
run: |
bash scripts/assemble.sh -v ${{ vars.OPENSEARCH_VERSION }} -p linux -a ${{ inputs.architecture }} -d ${{ inputs.distribution }}
# The package's name is stored in artifacts/artifact_name.txt.
- name: Set package name
id: get_name
run: |
echo "name=$(cat artifacts/artifact_name.txt)" >> $GITHUB_OUTPUT
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: ${{ inputs.name }}
path: artifacts/dist/${{ steps.get_name.outputs.name }}
if-no-files-found: error

53 changes: 53 additions & 0 deletions .github/workflows/r_build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Build (reusable)

# This workflow runs when any of the following occur:
# - Run from another workflow
on:
workflow_call:
inputs:
distribution:
description: 'One of [ "tar", "rpm", "deb" ]'
default: "rpm"
required: false
type: string
architecture:
description: 'One of [ "x64", "arm64" ]'
default: "x64"
required: false
type: string
name:
type: string

jobs:
r_build:
runs-on: ubuntu-latest
# Permissions to upload the package
permissions:
packages: write
contents: read
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 11

- name: Setup Gradle
uses: gradle/[email protected]

- name: Run `build.sh`
run: |
bash scripts/build.sh -v ${{ vars.OPENSEARCH_VERSION }} -s false -p linux -a ${{ inputs.architecture }} -d ${{ inputs.distribution }}
# The package's name is stored in artifacts/artifact_name.txt.
- name: Set package name
id: get_name
run: |
echo "name=$(cat artifacts/artifact_name.txt)" >> $GITHUB_OUTPUT
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: ${{ inputs.name }}
path: artifacts/dist/${{ steps.get_name.outputs.name }}
if-no-files-found: error
22 changes: 22 additions & 0 deletions .github/workflows/r_version.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
name: Version (reusable)

# This workflow runs when any of the following occur:
# - Run from another workflow
on:
workflow_call:
outputs:
version:
description: "Returns the version of Wazuh"
value: ${{ jobs.r_version.outputs.version }}

jobs:
r_version:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.get_version.outputs.version }}
steps:
- uses: actions/checkout@v4
- name: Read 'VERSION'
id: get_version
run: |
echo "version=$(cat VERSION)" >> $GITHUB_OUTPUT
6 changes: 3 additions & 3 deletions distribution/packages/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -298,13 +298,13 @@ apply plugin: 'com.netflix.nebula.ospackage-base'

// this is package indepdendent configuration
ospackage {
maintainer 'OpenSearch Team <opensearch@amazon.com>'
maintainer 'Wazuh, Inc <info@wazuh.com>'
summary 'Distributed RESTful search engine built for the cloud'
packageDescription '''
Reference documentation can be found at
https://github.com/opensearch-project/OpenSearch
https://documentation.wazuh.com/current/getting-started/components/wazuh-indexer.html
'''.stripIndent().trim()
url 'https://github.com/opensearch-project/OpenSearch'
url 'https://documentation.wazuh.com/current/getting-started/components/wazuh-indexer.html'

// signing setup
if (project.hasProperty('signing.password') && BuildParams.isSnapshotBuild() == false) {
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# Copyright OpenSearch Contributors
# SPDX-License-Identifier: Apache-2.0
#
# The OpenSearch Contributors require contributions made to
# this file be licensed under the Apache-2.0 license or a
# compatible open source license.

[Unit]
Description=wazuh-indexer Performance Analyzer

[Service]
Type=simple
ExecStart=/usr/share/wazuh-indexer/bin/wazuh-indexer-performance-analyzer/performance-analyzer-agent-cli
Restart=on-failure
User=wazuh-indexer
Group=wazuh-indexer
EnvironmentFile=-/etc/sysconfig/wazuh-indexer
WorkingDirectory=/usr/share/wazuh-indexer

[Install]
WantedBy=multi-user.target
Loading

0 comments on commit 7a69df9

Please sign in to comment.