From 0ad043735e1bc087eff24ff5a86382982790828e Mon Sep 17 00:00:00 2001
From: fcaffieri
Date: Mon, 23 Dec 2024 17:03:38 -0300
Subject: [PATCH] Add steps to change security group
---
 .github/workflows/offline-installation.yml | 32 +++++++++-------------
 1 file changed, 13 insertions(+), 19 deletions(-)
diff --git a/.github/workflows/offline-installation.yml b/.github/workflows/offline-installation.yml
index f5999a6..005de0b 100644
--- a/.github/workflows/offline-installation.yml
+++ b/.github/workflows/offline-installation.yml
@@ -10,11 +10,11 @@ on:
 WAZUH_INSTALLATION_ASSISTANT_REFERENCE:
 description: "Branch or tag of the wazuh-installation-assistant repository."
 required: true
- default: 4.10.2
+ default: 4.10.1
 AUTOMATION_REFERENCE:
 description: 'Branch or tag of the wazuh-automation repository'
 required: true
- default: 'v4.10.2'
+ default: 'v4.10.1'
 PKG_REPOSITORY:
 description: 'Repository environment'
 required: true
@@ -49,7 +49,6 @@ env:
 AUTOMATION_REFERENCE: ${{ inputs.AUTOMATION_REFERENCE }}
 WAZUH_VERSION: "4.10"
 PKG_REPOSITORY: ${{ github.event_name == 'pull_request' && 'pre-release' || inputs.PKG_REPOSITORY }}
- #AWS_ACCOUNT: "wazuh-dev"
 VERBOSITY: ${{ github.event_name == 'pull_request' && '-v' || inputs.VERBOSITY }}
 COMPOSITE_NAME: "linux-SUBNAME-amd64"
 REGION: "us-east-1"
@@ -59,8 +58,8 @@ env:
 ANSIBLE_CALLBACK: "yaml"
 permissions:
- id-token: write # This is required for requesting the JWT
- contents: read # This is required for actions/checkout
+ id-token: write
+ contents: read
 jobs:
 Create-allocator-instances:
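Review bot: The `permissions:` block loses the two comments that said why each scope is granted, and `id-token: write` is the scope that lets a job request an OIDC token, so the reason for granting it is worth keeping next to the grant. I would keep them, for example `id-token: write  # required to request the OIDC JWT` and `contents: read  # required by actions/checkout`. The block sits between `env:` and `jobs:` and so appears to be workflow-level; if only one job needs the token, declaring `permissions:` under that job would narrow it further, but the job definitions are outside this hunk.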
@@ -181,6 +180,14 @@ jobs:
 -e "install_pip_deps=$INSTALL_PIP_DEPS" \
 "$VERBOSITY"
+ - name: Get instance-id
+ run: |
+ echo "INSTANCE_ID=$(aws ec2 describe-instances --query 'Reservations[*].Instances[*].InstanceId' --profile wazuh-qa --filters "Name=tag:Name,Values=wia-161-centos-7" --output text)" >> $GITHUB_ENV
+
+ - name: Change security group
+ run: |
+ aws ec2 modify-instance-attribute --instance-id {{ env.INSTANCE_ID }} --groups sg-03c53339089a65829
+
 - name: Execute offline installation playbook
 run: |
 ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/offline_installation.yml \
@@ -191,19 +198,6 @@ jobs:
 -e "wazuh_version=$WAZUH_VERSION" \
 "$VERBOSITY"
- - name: Compress Allocator VM directory
- id: compress_allocator_files
- if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == false && github.event_name != 'pull_request'
- run: |
- zip -P "${{ secrets.ZIP_ARTIFACTS_PASSWORD }}" -r $ALLOCATOR_PATH.zip $ALLOCATOR_PATH
-
- - name: Upload Allocator VM directory as artifact
- if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false && github.event_name != 'pull_request'
- uses: actions/upload-artifact@v4
- with:
- name: allocator-instance-${{ matrix.system }}
- path: ${{ env.ALLOCATOR_PATH }}.zip
-
 - name: Delete allocated VM
 if: always() && steps.allocator_instance.outcome == 'success' && (inputs.DESTROY == true || github.event_name == 'pull_request')
- run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output $ALLOCATOR_PATH/track.yml
\ No newline at end of file
+ run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output $ALLOCATOR_PATH/track.yml
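Review bot: In the added `Change security group` step, `{{ env.INSTANCE_ID }}` is missing the leading `$`, so it is not a GitHub Actions expression and the literal text reaches `aws ec2 modify-instance-attribute` instead of the instance id; the value is already exported through `$GITHUB_ENV`, so the shell variable `"$INSTANCE_ID"` is the simpler reference and keeps expression interpolation out of the script. The lookup in `Get instance-id` filters only on the fixed tag `wia-161-centos-7` and can return no id or several (for example a terminated instance that still carries the tag), and because `--groups` replaces the instance's whole security-group set, the step should fail unless exactly one running instance was resolved. The second call also omits `--profile wazuh-qa`, which the lookup uses, so it may run under different credentials; that is worth confirming. The security-group id is hard-coded with no comment on what the group permits, so a named workflow `env` entry with a one-line comment would make the intended network posture auditable. The fence sketches the first two points.

```yaml
      - name: Get instance-id
        run: |
          INSTANCE_ID=$(aws ec2 describe-instances --profile wazuh-qa \
            --filters "Name=tag:Name,Values=wia-161-centos-7" "Name=instance-state-name,Values=running" \
            --query 'Reservations[*].Instances[*].InstanceId' --output text)
          # Stop here unless the lookup resolved to exactly one instance id.
          if [[ ! "$INSTANCE_ID" =~ ^i-[0-9a-f]+$ ]]; then
            echo "expected exactly one running instance, got: '$INSTANCE_ID'" >&2
            exit 1
          fi
          echo "INSTANCE_ID=$INSTANCE_ID" >> "$GITHUB_ENV"

      - name: Change security group
        run: |
          aws ec2 modify-instance-attribute --instance-id "$INSTANCE_ID" --groups sg-03c53339089a65829
      # … unchanged: Execute offline installation playbook …
```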