Modify action to allow uploading artifact to S3 (#151)

wazuh · Mar 20, 2024 · f066302 · f066302
1 parent c8fa56a
commit f066302
Show file tree

Hide file tree

Showing 6 changed files with 94 additions and 18 deletions.
diff --git a/.github/workflows/build_wazuh_dashboard_with_plugins.yml b/.github/workflows/build_wazuh_dashboard_with_plugins.yml
@@ -16,9 +16,17 @@ on:
         required: true
         default: ''
       DISTRIBUTION:
-        description: 'Distribution to build (deb | rpm | tar | all-platforms)'
+        type: choice
+        description: 'Distribution to build'
+        required: true
+        options:
+          - deb
+          - rpm
+          - all-platforms
+      S3UPLOAD:
+        description: 'Upload to S3'
+        type: boolean
         required: true
-        default: ''
 
 jobs:
   build-plugins:
@@ -140,6 +148,7 @@ jobs:
           echo "CURRENT_DIR=$(pwd -P)" >> $GITHUB_ENV
           echo "VERSION=$(yarn --silent wzd-version)" >> $GITHUB_ENV
           echo "REVISION=$(yarn --silent wzd-revision)" >> $GITHUB_ENV
+          echo "COMMIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
 
       - name: Download dashboard artifact
         uses: actions/download-artifact@v3
@@ -159,13 +168,12 @@ jobs:
         uses: actions/upload-artifact@v3
         if: success()
         with:
-          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64.deb
-          path: ${{ env.CURRENT_DIR }}/dev-tools/build-packages/deb/output/wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64.deb
+          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64_${{env.COMMIT_SHA}}.deb
+          path: ${{ env.CURRENT_DIR }}/dev-tools/build-packages/deb/output/wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64_${{ env.COMMIT_SHA}}.deb
           retention-days: 30
 
-
   build-rpm-package:
-    needs: [Build-base-package]
+    needs: [Build-base-package ]
     if: ( contains(inputs.DISTRIBUTION, 'rpm') || contains(inputs.DISTRIBUTION, 'all-platforms') )
     runs-on: ubuntu-latest
     name: Build rpm package
@@ -188,6 +196,7 @@ jobs:
           echo "CURRENT_DIR=$(pwd -P)" >> $GITHUB_ENV
           echo "VERSION=$(yarn --silent wzd-version)" >> $GITHUB_ENV
           echo "REVISION=$(yarn --silent wzd-revision)" >> $GITHUB_ENV
+          echo "COMMIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
 
       - name: Download dashboard artifact
         uses: actions/download-artifact@v3
@@ -207,11 +216,10 @@ jobs:
         uses: actions/upload-artifact@v3
         if: success()
         with:
-          name: wazuh-dashboard-${{ env.VERSION }}-${{ env.REVISION }}.x86_64.rpm
-          path: ${{ env.CURRENT_DIR }}/dev-tools/build-packages/rpm/output/wazuh-dashboard-${{ env.VERSION }}-${{ env.REVISION }}.x86_64.rpm
+          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_x86_64_${{env.COMMIT_SHA}}.rpm
+          path: ${{ env.CURRENT_DIR }}/dev-tools/build-packages/rpm/output/wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_x86_64_${{ env.COMMIT_SHA}}.rpm
           retention-days: 30
 
-
   test-package-deb:
     needs: [build-deb-package]
     runs-on: ubuntu-latest
@@ -233,18 +241,19 @@ jobs:
           echo "CURRENT_DIR=$(pwd -P)" >> $GITHUB_ENV
           echo "VERSION=$(yarn --silent wzd-version)" >> $GITHUB_ENV
           echo "REVISION=$(yarn --silent wzd-revision)" >> $GITHUB_ENV
+          echo "COMMIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
 
       - name: Download deb package
         uses: actions/download-artifact@v3
         with:
-          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64.deb
+          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64_${{env.COMMIT_SHA}}.deb
           path: ${{ env.CURRENT_DIR }}/dev-tools/test-packages/deb
 
       - name: Run test
         run: |
           cd ${{ env.CURRENT_DIR }}/dev-tools/test-packages
           bash ./test-packages.sh \
-            -p wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64.deb
+            -p wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64_${{env.COMMIT_SHA}}.deb
 
 
   test-package-rpm:
@@ -268,15 +277,73 @@ jobs:
           echo "CURRENT_DIR=$(pwd -P)" >> $GITHUB_ENV
           echo "VERSION=$(yarn --silent wzd-version)" >> $GITHUB_ENV
           echo "REVISION=$(yarn --silent wzd-revision)" >> $GITHUB_ENV
+          echo "COMMIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
 
       - name: Download rpm package
         uses: actions/download-artifact@v3
         with:
-          name: wazuh-dashboard-${{ env.VERSION }}-${{ env.REVISION }}.x86_64.rpm
+          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_x86_64_${{env.COMMIT_SHA}}.rpm
           path: ${{ env.CURRENT_DIR }}/dev-tools/test-packages/rpm
 
       - name: Run test
         run: |
           cd ${{ env.CURRENT_DIR }}/dev-tools/test-packages
+          ls -lah ${{ env.CURRENT_DIR }}/dev-tools/test-packages/rpm
+          ls -lah
           bash ./test-packages.sh \
-            -p wazuh-dashboard-${{ env.VERSION }}-${{ env.REVISION }}.x86_64.rpm
+            -p wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_x86_64_${{env.COMMIT_SHA}}.rpm
+
+  upload-to-s3:
+    needs: [test-package-rpm, test-package-deb]
+    if: |
+      always() && inputs.S3UPLOAD && contains(needs.*.result, 'success') && !contains(needs.*.result, 'failure')
+    runs-on: ubuntu-latest
+    name: Upload to S3
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Setup variables
+        run: |
+          echo "CURRENT_DIR=$(pwd -P)" >> $GITHUB_ENV
+          echo "VERSION=$(yarn --silent wzd-version)" >> $GITHUB_ENV
+          echo "REVISION=$(yarn --silent wzd-revision)" >> $GITHUB_ENV
+          echo "COMMIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+
+      - name: Set up AWS CLI
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY }}
+          aws-secret-access-key: ${{ secrets.CI_INTERNAL_DEVELOPMENT_BUCKET_USER_SECRET_KEY }}
+          aws-region: us-east-1
+
+      - name: Download deb package
+        if: contains(needs.test-package-deb.result, 'success')
+        uses: actions/download-artifact@v3
+        with:
+          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64_${{env.COMMIT_SHA}}.deb
+          path: ${{ env.CURRENT_DIR }}/dev-tools/build-packages/deb/
+
+      - name: Upload deb to S3
+        if: contains(needs.test-package-deb.result, 'success')
+        run: |
+          echo "Uploading deb package"
+          aws s3 cp  ${{ env.CURRENT_DIR }}/dev-tools/build-packages/deb/wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64_${{env.COMMIT_SHA}}.deb s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/
+
+      - name: Download rpm package
+        if: contains(needs.test-package-rpm.result, 'success')
+        uses: actions/download-artifact@v3
+        with:
+          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_x86_64_${{env.COMMIT_SHA}}.rpm
+          path: ${{ env.CURRENT_DIR }}/dev-tools/build-packages/rpm
+
+      - name: Upload rpm to S3
+        if: contains(needs.test-package-rpm.result, 'success')
+        run: |
+          aws s3 cp ${{ env.CURRENT_DIR }}/dev-tools/build-packages/rpm/wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_x86_64_${{env.COMMIT_SHA}}.rpm s3://packages-dev.internal.wazuh.com/development/wazuh/4.x/main/packages/
diff --git a/dev-tools/build-packages/build-packages.sh b/dev-tools/build-packages/build-packages.sh
diff --git a/dev-tools/build-packages/deb/builder.sh b/dev-tools/build-packages/deb/builder.sh
@@ -15,6 +15,7 @@ target="wazuh-dashboard"
 architecture=$1
 revision=$2
 version=$3
+commit_sha=$4
 directory_base="/usr/share/wazuh-dashboard"
 
 # Build directories
@@ -23,6 +24,7 @@ pkg_name="${target}-${version}"
 pkg_path="${build_dir}/${target}"
 source_dir="${pkg_path}/${pkg_name}"
 deb_file="${target}_${version}-${revision}_${architecture}.deb"
+final_name="${target}_${version}-${revision}_${architecture}_${commit_sha}.deb"
 
 mkdir -p ${source_dir}/debian
 
@@ -48,4 +50,4 @@ debuild --no-lintian -b -uc -us \
     -eREVISION="${revision}"
 
 cd ${pkg_path} && sha512sum ${deb_file} >/tmp/${deb_file}.sha512
-mv ${pkg_path}/${deb_file} /tmp/
+mv ${pkg_path}/${deb_file} /tmp/${final_name}
diff --git a/dev-tools/build-packages/deb/launcher.sh b/dev-tools/build-packages/deb/launcher.sh
@@ -19,6 +19,7 @@ build_docker="yes"
 # Constants
 deb_amd64_builder="deb_dashboard_builder_amd64"
 deb_builder_dockerfile="${current_path}/docker"
+commit_sha=$(git rev-parse --short HEAD)
 
 # Paths
 current_path="$( cd $(dirname $0) ; pwd -P )"
@@ -103,7 +104,8 @@ build_deb() {
     docker run -t --rm ${volumes} \
         -v ${current_path}/../..:/root:Z \
         ${container_name} ${architecture} \
-        ${revision} ${version} || return 1
+        ${revision} ${version} ${commit_sha}\
+        || return 1
 
     echo "Package $(ls -Art ${out_dir} | tail -n 1) added to ${out_dir}."
 
@@ -117,7 +119,7 @@ build_deb() {
 build() {
     build_name="${deb_amd64_builder}"
     file_path="../${deb_builder_dockerfile}/${architecture}"
-    build_deb ${build_name} ${file_path} || return 1
+    build_deb ${build_name} ${file_path} ${commit_sha}|| return 1
     return 0
 }
 

diff --git a/dev-tools/build-packages/rpm/builder.sh b/dev-tools/build-packages/rpm/builder.sh
@@ -15,6 +15,7 @@ target="wazuh-dashboard"
 architecture=$1
 revision=$2
 version=$3
+commit_sha=$4
 directory_base="/usr/share/wazuh-dashboard"
 
 # Build directories
@@ -24,6 +25,7 @@ pkg_name=${target}-${version}
 pkg_path="${rpm_build_dir}/RPMS/${architecture}"
 file_name="${target}-${version}-${revision}"
 rpm_file="${file_name}.${architecture}.rpm"
+final_name="${target}_${version}-${revision}_${architecture}_${commit_sha}.rpm"
 
 mkdir -p ${rpm_build_dir}/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}
 
@@ -48,3 +50,4 @@ cd ${build_dir} && tar czf "${rpm_build_dir}/SOURCES/${pkg_name}.tar.gz" "${pkg_
 cd ${pkg_path} && sha512sum ${rpm_file} >/tmp/${rpm_file}.sha512
 
 find ${pkg_path}/ -maxdepth 3 -type f -name "${file_name}*" -exec mv {} /tmp/ \;
+mv /tmp/${rpm_file} /tmp/${final_name}
diff --git a/dev-tools/build-packages/rpm/launcher.sh b/dev-tools/build-packages/rpm/launcher.sh
@@ -19,6 +19,7 @@ build_docker="yes"
 # Constants
 rpm_x86_builder="rpm_dashboard_builder_x86"
 rpm_builder_dockerfile="${current_path}/docker"
+commit_sha=$(git rev-parse --short HEAD)
 
 # Paths
 current_path="$( cd $(dirname $0) ; pwd -P )"
@@ -106,7 +107,8 @@ build_rpm() {
     docker run -t --rm ${volumes} \
         -v ${current_path}/../..:/root:Z \
         ${container_name} ${architecture} \
-        ${revision} ${version} || return 1
+        ${revision} ${version} ${commit_sha} \
+        || return 1
 
     echo "Package $(ls -Art ${out_dir} | tail -n 1) added to ${out_dir}."
 
@@ -120,7 +122,7 @@ build_rpm() {
 build() {
     build_name="${rpm_x86_builder}"
     file_path="../${rpm_builder_dockerfile}/${architecture}"
-    build_rpm ${build_name} ${file_path} || return 1
+    build_rpm ${build_name} ${file_path} ${commit_sha}|| return 1
     return 0
 }