Get Wazuh version from VERSION file

docker/README.md

@@ -61,7 +61,7 @@ Example:
 Usage: ./dev.sh {up|down|stop} [security]
 ```
 
-Once the `wazuh-indexer` container is up, attach a shell to it and run `./gradlew run`
+Once the `wi-build` container is up, attach a shell to it and run `./gradlew run`
 to start the application.
 
 

docker/assemble.yml

@@ -0,0 +1,28 @@
+version: "3.9"
+
+services:
+
+  wi-assemble:
+    image: wi-assemble:${VERSION}
+    container_name: wi-assemble-${VERSION}
+    build:
+      context: ./..
+      dockerfile: ${REPO_PATH}/docker/images/wi-assemble.Dockerfile
+#    ports:
+#      # OpenSearch REST API
+#      - 9200:9200
+#      # Cross-cluster search
+#      # - 9250:9250
+#      # Node communication and transport
+#      # - 9300:9300
+#      # Performance Analyzer
+#      # - 9600:9600
+#    expose:
+#      - 9200
+    volumes:
+      - ${REPO_PATH}/scripts:/home/wazuh-indexer/scripts
+      - ${REPO_PATH}/artifacts:/home/wazuh-indexer/artifacts
+      - ${REPO_PATH}/distribution/packages/src:/home/wazuh-indexer/distribution/packages/src
+    entrypoint: ['tail', '-f', '/dev/null']
+    user: "1000:1000"
+    working_dir: /home/wazuh-indexer

docker/dev.sh

@@ -55,4 +55,4 @@ function main() {
     esac
 }
 
-main "$@"
+main "$@"

docker/dev.yml

@@ -2,12 +2,12 @@ version: "3.9"
 
 services:
 
-  wazuh-indexer:
-    image: wazuh-indexer-dev:${VERSION}
-    container_name: wazuh-indexer-dev-${VERSION}
+  wi-build:
+    image: wi-build:${VERSION}
+    container_name: wi-build-${VERSION}
     build:
       context: ./..
-      dockerfile: ${REPO_PATH}/docker/images/wi-dev.Dockerfile
+      dockerfile: ${REPO_PATH}/docker/images/wi-build.Dockerfile
     ports:
       # OpenSearch REST API
       - 9200:9200
@@ -24,3 +24,18 @@ services:
     entrypoint: ['tail', '-f', '/dev/null']
     user: "1000:1000"
     working_dir: /home/wazuh-indexer/app
+
+
+  wi-assemble:
+    image: wi-assemble:${VERSION}
+    container_name: wi-assemble-${VERSION}
+    build:
+      context: ./..
+      dockerfile: ${REPO_PATH}/docker/images/wi-assemble.Dockerfile
+    volumes:
+      - ${REPO_PATH}/scripts:/home/wazuh-indexer/scripts
+      - ${REPO_PATH}/artifacts:/home/wazuh-indexer/artifacts
+      - ${REPO_PATH}/distribution/packages/src:/home/wazuh-indexer/distribution/packages/src
+    entrypoint: ['tail', '-f', '/dev/null']
+    user: "1000:1000"
+    working_dir: /home/wazuh-indexer

docker/images/wi-assemble.Dockerfile

@@ -0,0 +1,20 @@
+FROM ubuntu:jammy
+RUN mkdir /home/wazuh-indexer && \
+    apt-get update -y && \
+    apt-get install curl gnupg2 -y && \
+    curl -o- https://www.aptly.info/pubkey.txt | apt-key add - && \
+    echo "deb http://repo.aptly.info/ squeeze main" | tee -a /etc/apt/sources.list.d/aptly.list && \
+    apt-get update -y && \
+    apt-get upgrade -y && \
+    apt-get install -y aptly build-essential cpio debhelper-compat debmake freeglut3 libasound2 libatk-bridge2.0-0 libatk1.0-0 libatspi2.0-dev libcairo2 libcairo2-dev libcups2 libdrm2 libgbm-dev libgconf-2-4 libnspr4 libnspr4-dev libnss3 libpangocairo-1.0-0 libxcomposite-dev libxdamage1 libxfixes-dev libxfixes3 libxi6 libxkbcommon-x11-0 libxrandr2 libxrender1 libxtst6 rpm rpm2cpio && \
+    apt-get clean -y && \
+    dpkg -r lintian && \
+    addgroup --gid 1000 wazuh-indexer && \
+    adduser --uid 1000 --ingroup wazuh-indexer --disabled-password --home /home/wazuh-indexer wazuh-indexer && \
+    chmod 0775 /home/wazuh-indexer && \
+    chown -R 1000:1000 /home/wazuh-indexer
+USER wazuh-indexer
+WORKDIR /home/wazuh-indexer
+
+
+

scripts/README.md

@@ -32,7 +32,7 @@ act -j build -W .github/workflows/build.yml --artifact-server-path ./artifacts
 Within the [Docker environment](../docker):
 
 ```console
-bash scripts/build.sh -v 2.11.0 -s false -p linux -a {x64|arm64} -d {rpm|deb|tar}
+docker exec -it wi-build-$(<VERSION) bash scripts/build.sh -v 2.11.1 -s false -p linux -a {x64|arm64} -d {rpm|deb|tar}
 ```
 
 The generated package is sent to `artifacts/`
@@ -104,7 +104,7 @@ The script will:
 ### Running in Act
 
 ```console
-act -j assemble -W .github/workflows/build.yml --artifact-server-path ./artifacts --matrix distribution:deb --matrix architecture:x64 --var OPENSEARCH_VERSION=2.11.0
+act -j assemble -W .github/workflows/build.yml --artifact-server-path ./artifacts --matrix distribution:deb --matrix architecture:x64 --var OPENSEARCH_VERSION=2.11.1
 
 [Build slim packages/build] 🏁  Job succeeded
 ```
@@ -115,33 +115,10 @@ Pre-requisites:
 
 - Current directory: `wazuh-indexer/`
 - Existing deb package in `wazuh-indexer/artifacts/dist/deb`, as a result of the _Build_ stage.
+- Within the [Docker environment](../docker):
 
 ```console
-MIN_PKG_PATH="./artifacts"
-docker run --rm \
-    -v ./scripts/:/home/wazuh-indexer/scripts \
-    -v $MIN_PKG_PATH:/home/wazuh-indexer/artifacts \
-    -v ./distribution/packages/src:/home/wazuh-indexer/distribution/packages/src \
-    -w /home/wazuh-indexer \
-    -it ubuntu:jammy /bin/bash
-
-# https://github.com/opensearch-project/opensearch-build/blob/2.11.1/docker/ci/dockerfiles/current/build.ubuntu2004.opensearch.x64.arm64.dockerfile
-
-# Install necessary packages
-apt-get update -y && apt-get upgrade -y && apt-get install -y curl build-essential curl &&
-    apt-get install -y debmake debhelper-compat &&
-    apt-get install -y libxrender1 libxtst6 libasound2 libxi6 libgconf-2-4 &&
-    apt-get install -y libatk1.0-0 libatk-bridge2.0-0 libcups2 libdrm2 libatspi2.0-dev libxcomposite-dev libxdamage1 libxfixes3 libxfixes-dev libxrandr2 libgbm-dev libxkbcommon-x11-0 libpangocairo-1.0-0 libcairo2 libcairo2-dev libnss3 libnspr4 libnspr4-dev freeglut3 &&
-    apt-get clean -y
-
-# Install aptly and required changes to debmake
-# Remove lintian for now due to it takes nearly 20 minutes for OpenSearch as well as nearly an hour for OpenSearch-Dashboards during debmake
-curl -o- https://www.aptly.info/pubkey.txt | apt-key add - &&
-    echo "deb http://repo.aptly.info/ squeeze main" | tee -a /etc/apt/sources.list.d/aptly.list &&
-    apt-get update -y && apt-get install -y aptly && apt-get clean -y &&
-    dpkg -r lintian
-
-bash scripts/assemble.sh -v 2.11.0 -p linux -a x64 -d deb
+docker exec -it wi-assemble-$(<VERSION) bash scripts/assemble.sh -v 2.11.1 -p linux -a x64 -d deb
 ```
 
 ### RPM
@@ -197,7 +174,7 @@ The script will:
 ### Running in Act
 
 ```console
-act -j assemble -W .github/workflows/build.yml --artifact-server-path ./artifacts --matrix distribution:rpm --matrix architecture:x64 --var OPENSEARCH_VERSION=2.11.0
+act -j assemble -W .github/workflows/build.yml --artifact-server-path ./artifacts --matrix distribution:rpm --matrix architecture:x64 --var OPENSEARCH_VERSION=2.11.1
 
 [Build slim packages/build] 🏁  Job succeeded
 ```
@@ -208,17 +185,8 @@ Pre-requisites:
 
 - Current directory: `wazuh-indexer/`
 - Existing rpm package in `wazuh-indexer/artifacts/dist/rpm`, as a result of the _Build_ stage.
+- Within the [Docker environment](../docker):
 
 ```console
-MIN_PKG_PATH="./artifacts"
-docker run --rm \
-    -v ./scripts/:/home/wazuh-indexer/scripts \
-    -v $MIN_PKG_PATH:/home/wazuh-indexer/artifacts \
-    -v ./distribution/packages/src:/home/wazuh-indexer/distribution/packages/src \
-    -w /home/wazuh-indexer \
-    -it ubuntu:jammy /bin/bash
-
-apt-get update
-apt-get install -y rpm2cpio rpm cpio
-bash scripts/assemble.sh -v 2.11.0 -p linux -a x64 -d rpm
+docker exec -it wi-assemble-$(<VERSION) bash scripts/assemble.sh -v 2.11.1 -p linux -a x64 -d rpm
 ```

scripts/assemble.sh

@@ -9,32 +9,39 @@
 
 set -ex
 
-# Minimum required plugins
-# plugins=(
-#     "performance-analyzer"
-#     "opensearch-security"
-# )
-
-plugins=(
-    "alerting" # "opensearch-alerting"
-    "opensearch-job-scheduler"
-    "opensearch-anomaly-detection" # Requires "opensearch-job-scheduler"
-    "asynchronous-search"          # "opensearch-asynchronous-search"
-    "opensearch-cross-cluster-replication"
-    "geospatial" # "opensearch-geospatial"
-    "opensearch-index-management"
-    "opensearch-knn"
-    "opensearch-ml-plugin" # "opensearch-ml"
-    "neural-search"        # "opensearch-neural-search"
-    "opensearch-notifications-core"
-    "notifications" # "opensearch-notifications". Requires "opensearch-notifications-core"
-    "opensearch-observability"
-    "performance-analyzer" # "opensearch-performance-analyzer"
-    "opensearch-reports-scheduler"
-    "opensearch-security"
-    "opensearch-security-analytics"
-    "opensearch-sql-plugin" # "opensearch-sql"
-)
+### The $test variable determines whether we include a minimalistic
+### or the full set of OpenSearch plugins
+
+test=${test:-false}
+
+if ( $test )
+then
+		plugins=(
+		    "performance-analyzer"
+		    "opensearch-security"
+		)
+else
+		plugins=(
+		    "alerting" # "opensearch-alerting"
+		    "opensearch-job-scheduler"
+		    "opensearch-anomaly-detection" # Requires "opensearch-job-scheduler"
+		    "asynchronous-search"          # "opensearch-asynchronous-search"
+		    "opensearch-cross-cluster-replication"
+		    "geospatial" # "opensearch-geospatial"
+		    "opensearch-index-management"
+		    "opensearch-knn"
+		    "opensearch-ml-plugin" # "opensearch-ml"
+		    "neural-search"        # "opensearch-neural-search"
+		    "opensearch-notifications-core"
+		    "notifications" # "opensearch-notifications". Requires "opensearch-notifications-core"
+		    "opensearch-observability"
+		    "performance-analyzer" # "opensearch-performance-analyzer"
+		    "opensearch-reports-scheduler"
+		    "opensearch-security"
+		    "opensearch-security-analytics"
+		    "opensearch-sql-plugin" # "opensearch-sql"
+		)
+fi
 
 # ====
 # Usage
@@ -176,15 +183,14 @@ function remove_unneeded_files() {
 # Add additional tools into packages
 # ====
 function add_wazuh_tools() {
-    local version
-    version=$(<VERSION)
-    version=${version%%.[[:digit:]]}
+    local version=${1%%.[[:digit:]]}
+
     local download_url
     download_url="https://packages-dev.wazuh.com/${version}"
 
-    wget -q "${download_url}/config.yml" -O $PATH_PLUGINS/opensearch-security/tools/config.yml
-    wget -q "${download_url}/wazuh-passwords-tool.sh "-O $PATH_PLUGINS/opensearch-security/tools/wazuh-passwords-tool.sh
-    wget -q "${download_url}/wazuh-certs-tool.sh" -O $PATH_PLUGINS/opensearch-security/tools/wazuh-certs-tool.sh
+    curl -sL "${download_url}/config.yml" -o $PATH_PLUGINS/opensearch-security/tools/config.yml
+    curl -sL "${download_url}/wazuh-passwords-tool.sh" -o $PATH_PLUGINS/opensearch-security/tools/wazuh-passwords-tool.sh
+    curl -sL "${download_url}/wazuh-certs-tool.sh" -o $PATH_PLUGINS/opensearch-security/tools/wazuh-certs-tool.sh
 }
 
 # ====
@@ -241,15 +247,18 @@ function assemble_tar() {
     tar -zvxf "${ARTIFACT_BUILD_NAME}"
     cd "$(ls -d wazuh-indexer-*/)"
 
+    local version
+    version=$(cat VERSION)
+
     # Install plugins
     install_plugins
     # Swap configuration files
     add_configuration_files
     remove_unneeded_files
-    add_wazuh_tools
+    add_wazuh_tools "${version}"
 
     # Pack
-    archive_name="wazuh-indexer-$(cat VERSION)"
+    archive_name="wazuh-indexer-${version}"
     cd ..
     tar -cvf "${archive_name}-${SUFFIX}.${EXT}" "${archive_name}"
     cd ../../..
@@ -277,20 +286,21 @@ function assemble_rpm() {
     echo "Extract ${ARTIFACT_BUILD_NAME} archive"
     rpm2cpio "${ARTIFACT_BUILD_NAME}" | cpio -imdv
 
+    local version
+    version=$(cat ./usr/share/wazuh-indexer/VERSION)
+
     # Install plugins
     install_plugins
     enable_performance_analyzer_rca ${src_path}
     # Swap configuration files
     add_configuration_files
     remove_unneeded_files
-    add_wazuh_tools
+    add_wazuh_tools "${version}"
 
     # Generate final package
     local topdir
-    local version
     local spec_file="wazuh-indexer.rpm.spec"
     topdir=$(pwd)
-    version=$(cat ./usr/share/wazuh-indexer/VERSION)
     rpmbuild --bb \
         --define "_topdir ${topdir}" \
         --define "_version ${version}" \
@@ -327,17 +337,18 @@ function assemble_deb() {
     ar xf "${ARTIFACT_BUILD_NAME}" data.tar.gz
     tar zvxf data.tar.gz
 
+    local version
+    version=$(cat ./usr/share/wazuh-indexer/VERSION)
+
     # Install plugins
     install_plugins
     enable_performance_analyzer_rca ${src_path}
     # Swap configuration files
     add_configuration_files
     remove_unneeded_files
-    add_wazuh_tools
+    add_wazuh_tools "${version}"
 
     # Generate final package
-    local version
-    version=$(cat ./usr/share/wazuh-indexer/VERSION)
     debmake \
         --fullname "Wazuh Team" \
         --email "[email protected]" \

scripts/provision.sh

@@ -3,7 +3,7 @@
 # Provision script for assembly of DEB packages
 
 # Install necessary packages
-apt-get update -y && apt-get upgrade -y && apt-get install -y curl build-essential curl &&
+apt-get update -y && apt-get upgrade -y && apt-get install -y curl wget build-essential &&
    apt-get install -y debmake debhelper-compat &&
    apt-get install -y libxrender1 libxtst6 libasound2 libxi6 libgconf-2-4 &&
    apt-get install -y libatk1.0-0 libatk-bridge2.0-0 libcups2 libdrm2 libatspi2.0-dev libxcomposite-dev libxdamage1 libxfixes3 libxfixes-dev libxrandr2 libgbm-dev libxkbcommon-x11-0 libpangocairo-1.0-0 libcairo2 libcairo2-dev libnss3 libnspr4 libnspr4-dev freeglut3 &&