Save plugins and reporting repo hashes on workflow variable and updat… (#502)

* Save plugins and reporting repo hashes on workflow variable and update baptizer script to use it on package naming

* Update GHA workflow to save hash on global variable

* Update GHA to use env

* Update GHA workflow to save the hash on a output variable

* Fix environment variable usage

* Update baptizer to receive the repositories hashes by parameter

Update build GHA to send hashes by parameters to the baptizer script

* Update build-scripts README.md with new baptizer parameters

* Update build GHA workflow to show the URL of the uploaded package at the job view

* Update GHA build workflow to always upload package to the S3 bucket

Remove 'upload' check on workflow input

* Restore upload input and corresponding validations

* Remove commented lines

Author: QU3B1M

.github/workflows/build.yml

@@ -126,6 +126,8 @@ jobs:
     runs-on: ubuntu-latest
     env:
       plugin_name: wazuh-indexer-${{ matrix.plugins }}
+    outputs:
+      hash: ${{ steps.save-hash.outputs.hash }}
     steps:
       - uses: actions/checkout@v4
         with:
@@ -151,6 +153,10 @@ jobs:
       - run: ls -lR build/distributions
         working-directory: ./plugins/${{ matrix.plugins }}
 
+      - name: Save commit hash
+        id: save-hash
+        run: echo "hash=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
+
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:
@@ -161,6 +167,8 @@ jobs:
   build-reporting-plugin:
     if: ${{ inputs.reporting_plugin_ref != '' }}
     runs-on: ubuntu-latest
+    outputs:
+      hash: ${{ steps.save-hash.outputs.hash }}
     env:
       plugin_name: wazuh-indexer-reports-scheduler
     steps:
@@ -186,6 +194,10 @@ jobs:
 
       - run: ls -lR build/distributions
 
+      - name: Save commit hash
+        id: save-hash
+        run: echo "hash=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
+
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:
@@ -233,6 +245,8 @@ jobs:
             -a ${{ matrix.architecture }} \
             -d ${{ matrix.distribution }}  \
             -r ${{ inputs.revision }} \
+            -l ${{ needs.build-wazuh-plugins.outputs.hash }} \
+            -e ${{ needs.build-reporting-plugin.outputs.hash }} \
             ${{ inputs.is_stage && '-x' || '' }} \
           )
           echo "name=$name" >> $GITHUB_OUTPUT
@@ -244,6 +258,8 @@ jobs:
             -a ${{ matrix.architecture }} \
             -d ${{ matrix.distribution }}  \
             -r ${{ inputs.revision }} \
+            -l ${{ needs.build-wazuh-plugins.outputs.hash }} \
+            -e ${{ needs.build-reporting-plugin.outputs.hash }} \
             ${{ inputs.is_stage && '-x' || '' }} \
           )
           echo "name=$name" >> $GITHUB_OUTPUT
@@ -299,7 +315,7 @@ jobs:
           dest="s3://packages-dev.internal.wazuh.com/development/wazuh/5.x/main/packages/"
           aws s3 cp "$src" "$dest"
           s3uri="${dest}${{ steps.package.outputs.name }}"
-          echo "S3 URI: ${s3uri}"
+          echo "::notice::S3 URI: ${s3uri}"
 
       - name: Upload checksum to S3
         if: ${{ inputs.upload && inputs.checksum }}
@@ -308,4 +324,4 @@ jobs:
           dest="s3://packages-dev.internal.wazuh.com/development/wazuh/5.x/main/packages/"
           aws s3 cp "$src" "$dest"
           s3uri="${dest}${{ steps.package.outputs.name }}.sha512"
-          echo "S3 sha512 URI: ${s3uri}"
+          echo "::notice::S3 sha512 URI: ${s3uri}"

build-scripts/README.md

@@ -2,7 +2,7 @@
 
 > [!CAUTION]
 >
-> Be aware that there might be some problems while following the steps in this guide due to outdated information. 
+> Be aware that there might be some problems while following the steps in this guide due to outdated information.
 > This document is pending a review. Let us know if you find any issues.
 
 The packages' generation process consists on 2 steps:
@@ -235,7 +235,7 @@ them, as well as their inputs and outputs.
 scripts:
   - file: build.sh
     description: |
-      generates a distribution package by running the appropiate Gradle task 
+      generates a distribution package by running the appropiate Gradle task
       depending on the parameters.
     inputs:
       architecture: [x64, arm64] # Note: we only build x86_64 packages
@@ -246,7 +246,7 @@ scripts:
 
   - file: assemble.sh
     description: |
-      bundles the wazuh-indexer package generated in by build.sh with plugins, 
+      bundles the wazuh-indexer package generated in by build.sh with plugins,
       configuration files and demo certificates (certificates yet to come).
     inputs:
       architecture: [x64, arm64] # Note: we only build x86_64 packages
@@ -264,6 +264,8 @@ scripts:
       architecture: [x64, arm64] # Note: we only build x86_64 packages
       distribution: [tar, deb, rpm]
       revision: revision number. 0 by default.
+      plugins_hash: Commit hash of the `wazuh-indexer-plugins` repository.
+      reporting_hash: Commit hash of the `wazuh-indexer-reporting` repository.
       is_release: if set, uses release naming convention.
       is_min: if set, the package name will start by `wazuh-indexer-min`. Used on the build stage.
     outputs:

build-scripts/baptizer.sh

@@ -10,6 +10,8 @@ function usage() {
     echo -e "-a ARCHITECTURE\t[Optional] Build architecture, default is 'uname -m'."
     echo -e "-d DISTRIBUTION\t[Optional] Distribution, default is 'tar'."
     echo -e "-r REVISION\t[Optional] Package revision, default is '0'."
+    echo -e "-l PLUGINS_HASH\t[Optional] Commit hash from the wazuh-indexer-plugins repository"
+    echo -e "-e REPORTING_HASH\t[Optional] Commit hash from the wazuh-indexer-reporting repository"
     echo -e "-m MIN\t[Optional] Use naming convention for minimal packages, default is 'false'."
     echo -e "-x RELEASE\t[Optional] Use release naming convention, default is 'false'."
     echo -e "-h help"
@@ -20,7 +22,7 @@ function usage() {
 # ====
 function parse_args() {
 
-    while getopts ":h:p:a:d:r:mx" arg; do
+    while getopts ":h:p:a:d:r:l:e:mx" arg; do
         case $arg in
         h)
             usage
@@ -38,6 +40,12 @@ function parse_args() {
         r)
             REVISION=$OPTARG
             ;;
+        l)
+            PLUGINS_HASH=$OPTARG
+            ;;
+        e)
+            REPORTING_HASH=$OPTARG
+            ;;
         m)
             IS_MIN=true
             ;;
@@ -122,11 +130,17 @@ function get_release_name() {
 # Naming convention for pre-release packages
 # ====
 function get_devel_name() {
+    PREFIX=wazuh-indexer
+    COMMIT_HASH=$GIT_COMMIT
+    # Add -min to the prefix if corresponds
     if "$IS_MIN"; then
-        PACKAGE_NAME=wazuh-indexer-min_"$VERSION"-"$REVISION"_"$SUFFIX"_"$GIT_COMMIT"."$EXT"
-    else
-        PACKAGE_NAME=wazuh-indexer_"$VERSION"-"$REVISION"_"$SUFFIX"_"$GIT_COMMIT"."$EXT"
+        PREFIX="$PREFIX"-min
+    fi
+    # Generate composed commit hash
+    if [ -n "$PLUGINS_HASH" ] && [ -n "$REPORTING_HASH" ]; then
+        COMMIT_HASH="$GIT_COMMIT"-"$PLUGINS_HASH"-"$REPORTING_HASH"
     fi
+    PACKAGE_NAME="$PREFIX"_"$VERSION"-"$REVISION"_"$SUFFIX"_"$COMMIT_HASH"."$EXT"
 }
 
 # ====