diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2c05d48c4a507..d045b5d4fb103 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -6,7 +6,7 @@ on: push: # Sequence of patterns matched against refs/heads branches: - - 'ci/*' + - "ci/*" workflow_dispatch: inputs: revision: @@ -36,7 +36,7 @@ jobs: uses: ./.github/workflows/r_commit_sha.yml build: - needs: [ version, commit_sha ] + needs: [version, commit_sha] strategy: matrix: distribution: [tar, rpm, deb] @@ -64,3 +64,13 @@ jobs: architecture: ${{ matrix.architecture }} distribution: ${{ matrix.distribution }} min: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '1' || inputs.revision }}-${{ matrix.architecture }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.distribution }} + + test: + needs: [version, commit_sha, assemble] + strategy: + fail-fast: false + matrix: + os: [{ suffix: "amd64", ext: "deb" }, { suffix: "x86_64", ext: "rpm" }] + uses: ./.github/workflows/r_test.yml + with: + package: wazuh-indexer-${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '1' || inputs.revision }}_${{ matrix.os.suffix }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.os.ext }} diff --git a/.github/workflows/r_assemble.yml b/.github/workflows/r_assemble.yml index d08b64cea23ed..11009429298e0 100644 --- a/.github/workflows/r_assemble.yml +++ b/.github/workflows/r_assemble.yml @@ -1,5 +1,8 @@ name: Assemble (reusable) +env: + TEST: true + # This workflow runs when any of the following occur: # - Run from another workflow on: diff --git a/.github/workflows/r_test.yml b/.github/workflows/r_test.yml new file mode 100644 index 0000000000000..fa9cd819ac8fe --- /dev/null +++ b/.github/workflows/r_test.yml @@ -0,0 +1,88 @@ +name: Test (reusable) + +# This workflow runs when any of the following occur: +# - Run from another workflow +on: + workflow_call: + inputs: + package: + description: "The name of the package to download." + required: true + type: string + +jobs: + r_test_rpm: + if: ${{ endsWith(inputs.package, 'rpm') }} + runs-on: ubuntu-latest + # Permissions to upload the package + permissions: + packages: read + contents: read + steps: + - name: Download artifact + uses: actions/download-artifact@v4 + with: + name: ${{ inputs.package }} + path: artifacts/dist + + - name: Install package + uses: addnab/docker-run-action@v3 + with: + image: redhat/ubi9:latest + options: -v ${{ github.workspace }}/artifacts/dist:/artifacts/dist + run: | + yum localinstall "/artifacts/dist/${{ inputs.package }}" -y + + r_test_deb: + if: ${{ endsWith(inputs.package, 'deb') }} + runs-on: ubuntu-latest + # Permissions to upload the package + permissions: + packages: read + contents: read + steps: + - name: Download artifact + uses: actions/download-artifact@v4 + with: + name: ${{ inputs.package }} + path: artifacts/dist + + - name: Install package + run: | + sudo dpkg -i "artifacts/dist/${{ inputs.package }}" + + - uses: actions/checkout@v4 + - name: Generate and deploy certificates + uses: addnab/docker-run-action@v3 + with: + image: wazuh/wazuh-certs-generator:0.0.1 + options: -v ${{ github.workspace }}/integrations/docker/config/certs.yml:/config/certs.yml -v /etc/wazuh-indexer/certs:/certs + shell: sh + run: | + mkdir -p /certificates /certs + /entrypoint.sh + chown -R 1000:999 /certificates + chmod 740 /certificates + chmod 440 /certificates/* + + mv /certificates/wazuh.indexer-key.pem /certs/indexer-key.pem + mv /certificates/wazuh.indexer.pem /certs/indexer.pem + mv /certificates/root-ca.pem /certs/root-ca.pem + ls /certs + + - run: sudo systemctl daemon-reload + - run: | + if ! sudo systemctl enable wazuh-indexer.service; then + sudo journalctl --no-pager -u wazuh-indexer.service + exit 1 + fi + - run: | + if ! sudo systemctl start wazuh-indexer; then + sudo journalctl --no-pager -u wazuh-indexer.service + exit 1 + fi + - run: | + if ! sudo systemctl status --no-pager wazuh-indexer -n 100; then + sudo journalctl --no-pager -u wazuh-indexer.service + exit 1 + fi