Assemble RPM packages

[AlexRuiz7]

Description

Add the tooling to create RPM packages, including plugins and configuration files.

[AlexRuiz7]

RPM

The assemble.sh script will use the output from the build.sh script and use it as a base to bundle together a final package containing the plugins, the production configuration and the service files.

The script will:

• Extract the rpm package using rpm2cpio and cpio tools.

  By default, rpm2cpio and cpio tools expect the package to be in wazuh-indexer/artifacts/tmp/rpm. The script takes care of creating the required folder structure, copying also the min package and the SPEC file.

  Current folder loadout at this stage:

  /rpm/$ARCH
      /etc
      /usr
      /var
      wazuh-indexer-min-*.rpm
      wazuh-indexer.rpm.spec
  

  usr, etc and var folders contain wazuh-indexer files, extracted from wazuh-indexer-min-*.rpm.
  wazuh-indexer.rpm.spec is copied over from wazuh-indexer/distribution/packages/src/rpm/wazuh-indexer.rpm.spec. The wazuh-indexer-performance-analyzer.service file is also copied from the same folder. It is a dependency of the SPEC file.

• Install the plugins using the opensearch-plugin CLI tool.

• Set up configuration files.

  Included in min-package. Default files are overwritten.

• Bundle an RPM file with rpmbuild and the SPEC file wazuh-indexer.rpm.spec.

  • rpmbuild is part of the rpm OS package.

    rpmbuild is invoked from wazuh-indexer/artifacts/tmp/rpm. It creates the {BUILD,RPMS,SOURCES,SRPMS,SPECS,TMP} folders and applies the rules in the SPEC file. If successful, rpmbuild will generate the package in the RPMS/ folder. The script will copy it to wazuh-indexer/artifacts/dist and clean: remove the tmp\ folder and its contents.

  Current folder loadout at this stage:

  /rpm/$ARCH
      /{BUILD,RPMS,SOURCES,SRPMS,SPECS,TMP}
      /etc
      /usr
      /var
      wazuh-indexer-min-*.rpm
      wazuh-indexer.rpm.spec
  

Running in Docker

Pre-requisites:

• Current directory: wazuh-indexer/
• Existing rpm package in wazuh-indexer/artifacts/dist/rpm, as a result of the Build stage.

MIN_PKG_PATH="./artifacts"
docker run --rm \
    -v ./scripts/:/home/wazuh-indexer/scripts \
    -v $MIN_PKG_PATH:/home/wazuh-indexer/artifacts \
    -v ./distribution/packages/src:/home/wazuh-indexer/distribution/packages/src \
    -w /home/wazuh-indexer \
    -it ubuntu:jammy /bin/bash

apt-get update
apt-get install -y rpm2cpio rpm cpio
bash scripts/assemble.sh -v 2.11.0 -p linux -a x64 -d rpm

Issues:

• _sharedstatedir is by default set to /usr/com. Fixed with %define _sharedstatedir /var/lib
• File not found: /app/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/lib/systemd/system/opensearch-performance-analyzer.service. File is missing, hosted in opensearch-build repo. Fixed by copying over the file, and placing it into the correct location.

x86-64

RPM package created successfully. Reviewing the content, these files present problems:

• 🟢 /etc/wazuh-indexer/jvm.options: not equal to jvm.prod.options. Fixed in 2931b57.
• 🟢 /etc/wazuh-indexer/opensearch.yml: not equal to opensearch.prod.yml. Fixed in 2931b57.
• 🟡 /var/lib/wazuh-indexer: new files performance_analyzer_enabled.conf and rca_enabled.conf. Files will be kept. Removing then requires additional work as the SPEC file depends on them.
• 🟢 /var/run/wazuh-indexer: new empty folder. Folder will be kept. Nothing to do.
• 🟡 /usr/share/wazuh-indexer/data: new file. Broken symbolic link.
• 🟡 /usr/share/wazuh-indexer/logs: new file. Broken symbolic link.
• 🟢 /usr/share/wazuh-indexer/README.md: new file.
• 🔴 /usr/share/wazuh-indexer/performance-analyzer-rca: empty file, but shouldn't.

File permissions are fine:

find /etc -user wazuh-indexer -not -regex ".*wazuh\-indexer.*" -name "*"
find /usr -user wazuh-indexer -not -regex ".*wazuh\-indexer.*" -name "*"
find /var -user wazuh-indexer -not -regex ".*wazuh\-indexer.*" -name "*"
find /bin -user wazuh-indexer -not -regex ".*wazuh\-indexer.*" -name "*"
find /etc -group wazuh-indexer -not -regex ".*wazuh\-indexer.*" -name "*"
find /usr -group wazuh-indexer -not -regex ".*wazuh\-indexer.*" -name "*"
find /var -group wazuh-indexer -not -regex ".*wazuh\-indexer.*" -name "*"
find /bin -group wazuh-indexer -not -regex ".*wazuh\-indexer.*" -name "*"

rpm_x64.log

Warnings:

warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jstat
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/javap
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jshell
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jmap
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jfr
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jinfo
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jdeprscan
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jmod
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jcmd
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jstatd
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jdb
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/keytool
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jimage
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/javac
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/java
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jar
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jlink
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jps
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jhsdb
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jconsole
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/serialver
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jrunscript
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/javadoc
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jdeps
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jarsigner
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jstack
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/jpackage
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/bin/rmiregistry
warning: Missing build-id in /home/wazuh-indexer/artifacts/tmp/rpm/BUILDROOT/wazuh-indexer-4.9.0-1.x86_64/usr/share/wazuh-indexer/jdk/lib/jspawnhelper
warning: File listed twice: /usr/share/wazuh-indexer/bin/indexer-init.sh
warning: File listed twice: /usr/share/wazuh-indexer/bin/indexer-ism-init.sh
warning: File listed twice: /usr/share/wazuh-indexer/bin/indexer-security-init.sh
warning: absolute symlink: /usr/share/wazuh-indexer/data -> /var/lib/wazuh-indexer
warning: absolute symlink: /usr/share/wazuh-indexer/logs -> /var/log/wazuh-indexer

arm64

FAILED: requires an ARM runner

+ echo 'Install plugins'
+ for plugin in "${plugins[@]}"
+ plugin_from_maven=org.opensearch.plugin:performance-analyzer:2.11.0.0
+ OPENSEARCH_PATH_CONF=./etc/wazuh-indexer
+ ./usr/share/wazuh-indexer/bin/opensearch-plugin install --batch --verbose org.opensearch.plugin:performance-analyzer:2.11.0.0
./usr/share/wazuh-indexer/bin/opensearch-env: line 99: /home/wazuh-indexer/artifacts/tmp/arm64-rpm/usr/share/wazuh-indexer/jdk/bin/java: cannot execute binary file: Exec format error

Originally posted by @AlexRuiz7 in #76 (comment)