Update offline installation workflows and scripts #57

# Offline installation test: allocates an AWS instance per target system and
# runs the offline download/installation scripts on it through Ansible.
name: Offline installation test

on:
  # Automatic run when a pull request touches either offline install script.
  pull_request:
    paths:
      - "install_functions/wazuh-offline-download.sh"
      - "install_functions/wazuh-offline-installation.sh"

  # Manual run. Every input below is text chosen by whoever dispatches the
  # workflow, so jobs should consume it as data (environment variables), not
  # paste it into shell scripts.
  workflow_dispatch:
    inputs:
      WAZUH_INSTALLATION_ASSISTANT_REFERENCE:
        description: "Branch or tag of the wazuh-installation-assistant repository."
        required: true
        # Quoted so the version-looking value is always read as a string.
        default: "4.10.1"

      AUTOMATION_REFERENCE:
        description: "Branch or tag of the wazuh-automation repository"
        required: true
        default: "v4.10.1"

      PKG_REPOSITORY:
        description: "Repository environment"
        required: true
        default: "pre-release"
        type: choice
        options:
          - "staging"
          - "pre-release"

      # Free-form JSON array: it is parsed with fromJson() to build the job
      # matrix, so each element reaches the job as matrix.system.
      SYSTEMS:
        description: "Operating Systems (list of comma-separated quoted strings enclosed in square brackets)."
        required: true
        default: '["Ubuntu_22", "CentOS_8"]'
        type: string

      # Passed as a single argument to ansible-playbook.
      VERBOSITY:
        description: "Verbosity level on playbooks execution"
        required: true
        default: "-v"
        type: choice
        options:
          - "-v"
          - "-vv"
          - "-vvv"
          - "-vvvv"

      # When false on a manual run, the allocated instance is left running.
      DESTROY:
        description: "Destroy instances after run"
        required: true
        default: true
        type: boolean
# Workflow-wide environment. Pull-request runs have no dispatch inputs, so the
# conditional expressions fall back to the PR head branch, 'pre-release' and '-v'.
env:
  # github.head_ref is the pull request's source-branch name, i.e. text chosen
  # by the contributor. Placing it in an environment variable is the safe way
  # to carry it: shell steps should read "$WAZUH_INSTALLATION_ASSISTANT_REFERENCE"
  # and never re-expand it with an expression inside a run script.
  WAZUH_INSTALLATION_ASSISTANT_REFERENCE: "${{ github.event_name == 'pull_request' && github.head_ref || inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }}"
  AUTOMATION_REFERENCE: "${{ inputs.AUTOMATION_REFERENCE }}"
  # Must stay quoted: a bare 4.10 would be parsed as the float 4.1.
  WAZUH_VERSION: '4.10'
  PKG_REPOSITORY: "${{ github.event_name == 'pull_request' && 'pre-release' || inputs.PKG_REPOSITORY }}"
  VERBOSITY: "${{ github.event_name == 'pull_request' && '-v' || inputs.VERBOSITY }}"
  # Template; the job substitutes SUBNAME with the per-system image name.
  COMPOSITE_NAME: 'linux-SUBNAME-amd64'
  REGION: 'us-east-1'
  TMP_PATH: '/tmp/test'
  REPOSITORY_URL: "${{ github.server_url }}/${{ github.repository }}.git"
  ALLOCATOR_PATH: '/tmp/allocator_instance'
  ANSIBLE_CALLBACK: 'yaml'
# Scopes granted to the workflow token for every job; scopes not listed here
# are not granted.
permissions:
  # Read-only repository access, enough for actions/checkout.
  contents: read
  # Allows the job to request an OIDC token; presumably consumed by the AWS
  # credentials step, which assumes a role instead of using static keys.
  id-token: write
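jobs:
  # One job per target system: allocate an AWS instance, provision it, run the
  # offline installation playbook, then delete the instance.
  #
  # NOTE(review): the actions below are referenced by mutable tag (v4, v3).
  # Pinning each `uses:` to a full commit SHA keeps a retagged release from
  # changing what runs next to the AWS role and the clone token.
  Create-allocator-instances:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        # PR runs use a fixed pair; manual runs parse the free-form SYSTEMS input.
        system: ${{ github.event_name == 'pull_request' && fromJson('["Ubuntu_22", "CentOS_8"]') || fromJson(inputs.SYSTEMS) }}
    steps:
      - name: View parameters
        # The inputs are handed over in an environment variable. Expanding
        # ${{ toJson(inputs) }} directly inside the script would splice
        # user-supplied text (and JSON double quotes) into the shell command.
        env:
          INPUTS_JSON: ${{ toJson(inputs) }}
        run: echo "$INPUTS_JSON"

      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Branch/tag name resolved in this repository.
          # NOTE(review): for a pull request opened from a fork the head branch
          # name may not exist here, or may name a different branch - confirm
          # fork PRs are out of scope for this workflow.
          ref: ${{ env.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }}
          # No later step runs git against this checkout, so the token is not
          # left behind in .git/config.
          persist-credentials: false

      - name: Checkout wazuh/wazuh-automation repository
        uses: actions/checkout@v4
        with:
          repository: wazuh/wazuh-automation
          ref: ${{ env.AUTOMATION_REFERENCE }}
          token: ${{ secrets.GH_CLONE_TOKEN }}
          path: wazuh-automation
          # Keeps GH_CLONE_TOKEN out of wazuh-automation/.git/config, where the
          # pip-installed code run by later steps could otherwise read it.
          persist-credentials: false

      - name: Set COMPOSITE_NAME variable
        # matrix.system originates from the free-form SYSTEMS input, so it is
        # read from the environment and matched against an allow-list; unknown
        # values stop the job.
        env:
          SYSTEM: ${{ matrix.system }}
        run: |
          case "$SYSTEM" in
            "CentOS_7")
              SUBNAME="centos-7"
              ;;
            "CentOS_8")
              SUBNAME="centos-8"
              ;;
            "AmazonLinux_2")
              SUBNAME="amazon-2"
              ;;
            "Ubuntu_16")
              SUBNAME="ubuntu-16.04"
              ;;
            "Ubuntu_18")
              SUBNAME="ubuntu-18.04"
              ;;
            "Ubuntu_20")
              SUBNAME="ubuntu-20.04"
              ;;
            "Ubuntu_22")
              SUBNAME="ubuntu-22.04"
              ;;
            "RHEL7")
              SUBNAME="redhat-7"
              ;;
            "RHEL8")
              SUBNAME="redhat-8"
              ;;
            *)
              echo "Invalid SYSTEM selection" >&2
              exit 1
              ;;
          esac
          COMPOSITE_NAME="${COMPOSITE_NAME/SUBNAME/$SUBNAME}"
          echo "COMPOSITE_NAME=$COMPOSITE_NAME" >> "$GITHUB_ENV"

      - name: Install python and create virtual environment
        # Exporting PATH makes the virtual environment's bin directory the
        # default for the pip/ansible calls in the following steps.
        run: |
          sudo apt-get update
          sudo apt-get install -y python3 python3-venv
          python3 -m venv testing_venv
          source testing_venv/bin/activate
          python3 -m pip install --upgrade pip
          echo "PATH=$PATH" >> "$GITHUB_ENV"

      - name: Install and set allocator requirements
        run: pip3 install -r wazuh-automation/deployability/deps/requirements.txt

      - name: Set up AWS credentials
        uses: aws-actions/configure-aws-credentials@v3
        with:
          role-to-assume: ${{ secrets.AWS_IAM_ROLE }}
          aws-region: ${{ env.REGION }}

      - name: Allocate test instance and set SSH variables
        id: allocator_instance
        # The allocator's inventory.yml is rewritten from "key: value" to
        # "key=value" and then sourced, i.e. executed as shell: this trusts the
        # allocator output completely. The inventory also carries
        # "-o StrictHostKeyChecking=no", so the SSH host key of the new
        # instance is not verified by the playbook runs below.
        run: |
          python3 wazuh-automation/deployability/modules/allocation/main.py --action create --provider aws --size large --composite-name "$COMPOSITE_NAME" --working-dir "$ALLOCATOR_PATH" \
            --track-output "$ALLOCATOR_PATH/track.yml" --inventory-output "$ALLOCATOR_PATH/inventory.yml" --instance-name "gha_${GITHUB_RUN_ID}_assistant_test" \
            --label-team devops --label-termination-date 1d
          sed 's/: */=/g' "$ALLOCATOR_PATH/inventory.yml" > "$ALLOCATOR_PATH/inventory_mod.yml"
          sed -i 's/-o StrictHostKeyChecking=no/\"-o StrictHostKeyChecking=no\"/g' "$ALLOCATOR_PATH/inventory_mod.yml"
          source "$ALLOCATOR_PATH/inventory_mod.yml"
          echo "[gha_instance]" > "$ALLOCATOR_PATH/inventory"
          echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> "$ALLOCATOR_PATH/inventory"

      - name: Install Ansible
        run: pip install ansible-core==2.16

      - name: configure ansible
        run: |
          ansible-galaxy collection install community.general

      - name: Execute provision playbook
        # The reference (a PR branch name on pull_request runs) is passed as a
        # quoted shell variable, never expanded into the script text.
        run: |
          INSTALL_DEPS=true
          INSTALL_PYTHON=true
          INSTALL_PIP_DEPS=true
          ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/provision.yml \
            -i "$ALLOCATOR_PATH/inventory" \
            -l all \
            -e "repository=$REPOSITORY_URL" \
            -e "reference=$WAZUH_INSTALLATION_ASSISTANT_REFERENCE" \
            -e "tmp_path=$TMP_PATH" \
            -e "install_deps=$INSTALL_DEPS" \
            -e "install_python=$INSTALL_PYTHON" \
            -e "install_pip_deps=$INSTALL_PIP_DEPS" \
            "$VERBOSITY"

      # Disabled steps, kept as found. "github.#run_id" looks like an artefact
      # of commenting the block out - check before re-enabling.
      #- name: Get instance-id
      #  run: |
      #    INSTANCE_ID=$(aws ec2 describe-instances --query 'Reservations[0].Instances[0].InstanceId' --filters "Name=tag:Name,Values=gha_${{ github.#run_id }}_assistant_test" --output text)
      #    echo "INSTANCE_ID=$INSTANCE_ID" >> $GITHUB_ENV
      #
      #- name: Change security group
      #  run: |
      #    aws ec2 modify-instance-attribute --instance-id ${{ env.INSTANCE_ID }} --groups sg-03c53339089a65829

      - name: Execute offline installation playbook
        run: |
          ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/offline_installation.yml \
            -i "$ALLOCATOR_PATH/inventory" \
            -l all \
            -e "tmp_path=$TMP_PATH" \
            -e "pkg_repository=$PKG_REPOSITORY" \
            -e "wazuh_version=$WAZUH_VERSION" \
            "$VERBOSITY"

      - name: Delete allocated VM
        # Runs even when an earlier step failed, but only if the allocation
        # step as a whole succeeded.
        # NOTE(review): if the instance is created and a later command in that
        # same step fails, this cleanup is skipped - confirm the 1d
        # termination label covers that case.
        if: always() && steps.allocator_instance.outcome == 'success' && (inputs.DESTROY == true || github.event_name == 'pull_request')
        run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output "$ALLOCATOR_PATH/track.yml"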