Automate package's testing (#178)

AlexRuiz7 · AlexRuiz7 · commit f152f8161115 · 2024-09-09T11:46:20.000+02:00
* Attemtp to automate package's testing

* Fix typo

* Add sudo

* Split test steps and manage errors

* Add --no-pager to journalctl

* Add certs generator

* Improve error handling

* Update r_test.yml

Fix indentation

Signed-off-by: Álex Ruiz &lt;alejandro.ruiz.becerra@wazuh.com&gt;

* Fix error handling

* Add testing of RPM packages

* Improve multi-os testing

* Add TEST env var

* Add braces to if conditionals

* Remove all curly braches from if conditionals

* braces again

* Install RPM package in Docker

* Remove sudo for RPM installation

* Bind artifacts/dist to RPM docker test container

* Bind artifacts/dist to RPM docker test container

* Avoid prompt during yum install

* Fix bind volume

---------

Signed-off-by: Álex Ruiz &lt;alejandro.ruiz.becerra@wazuh.com&gt;
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -6,7 +6,7 @@ on:
   push:
     # Sequence of patterns matched against refs/heads
     branches:
-      - 'ci/*'
+      - "ci/*"
   workflow_dispatch:
     inputs:
       revision:
@@ -36,7 +36,7 @@ jobs:
     uses: ./.github/workflows/r_commit_sha.yml
 
   build:
-    needs: [ version, commit_sha ]
+    needs: [version, commit_sha]
     strategy:
       matrix:
         distribution: [tar, rpm, deb]
@@ -64,3 +64,13 @@ jobs:
       architecture: ${{ matrix.architecture }}
       distribution: ${{ matrix.distribution }}
       min: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '1' || inputs.revision }}-${{ matrix.architecture }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.distribution }}
+
+  test:
+    needs: [version, commit_sha, assemble]
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [{ suffix: "amd64", ext: "deb" }, { suffix: "x86_64", ext: "rpm" }]
+    uses: ./.github/workflows/r_test.yml
+    with:
+      package: wazuh-indexer-${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '1' || inputs.revision }}_${{ matrix.os.suffix }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.os.ext }}
diff --git a/.github/workflows/r_assemble.yml b/.github/workflows/r_assemble.yml
@@ -1,5 +1,8 @@
 name: Assemble (reusable)
 
+env:
+  TEST: true
+
 # This workflow runs when any of the following occur:
 # - Run from another workflow
 on:
diff --git a/.github/workflows/r_test.yml b/.github/workflows/r_test.yml
@@ -0,0 +1,88 @@
+name: Test (reusable)
+
+# This workflow runs when any of the following occur:
+# - Run from another workflow
+on:
+  workflow_call:
+    inputs:
+      package:
+        description: "The name of the package to download."
+        required: true
+        type: string
+
+jobs:
+  r_test_rpm:
+    if: ${{ endsWith(inputs.package, 'rpm') }}
+    runs-on: ubuntu-latest
+    # Permissions to upload the package
+    permissions:
+      packages: read
+      contents: read
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ inputs.package }}
+          path: artifacts/dist
+
+      - name: Install package
+        uses: addnab/docker-run-action@v3
+        with:
+          image: redhat/ubi9:latest
+          options: -v ${{ github.workspace }}/artifacts/dist:/artifacts/dist
+          run: |
+            yum localinstall "/artifacts/dist/${{ inputs.package }}" -y
+
+  r_test_deb:
+    if: ${{ endsWith(inputs.package, 'deb') }}
+    runs-on: ubuntu-latest
+    # Permissions to upload the package
+    permissions:
+      packages: read
+      contents: read
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ inputs.package }}
+          path: artifacts/dist
+
+      - name: Install package
+        run: |
+          sudo dpkg -i "artifacts/dist/${{ inputs.package }}"
+
+      - uses: actions/checkout@v4
+      - name: Generate and deploy certificates
+        uses: addnab/docker-run-action@v3
+        with:
+          image: wazuh/wazuh-certs-generator:0.0.1
+          options: -v ${{ github.workspace }}/integrations/docker/config/certs.yml:/config/certs.yml -v /etc/wazuh-indexer/certs:/certs
+          shell: sh
+          run: |
+            mkdir -p /certificates /certs
+            /entrypoint.sh
+            chown -R 1000:999 /certificates
+            chmod 740 /certificates
+            chmod 440 /certificates/*
+
+            mv /certificates/wazuh.indexer-key.pem  /certs/indexer-key.pem
+            mv /certificates/wazuh.indexer.pem      /certs/indexer.pem
+            mv /certificates/root-ca.pem            /certs/root-ca.pem
+            ls /certs
+
+      - run: sudo systemctl daemon-reload
+      - run: |
+          if ! sudo systemctl enable wazuh-indexer.service; then
+              sudo journalctl --no-pager -u wazuh-indexer.service
+              exit 1
+          fi
+      - run: |
+          if ! sudo systemctl start wazuh-indexer; then
+            sudo journalctl --no-pager -u wazuh-indexer.service
+            exit 1
+          fi
+      - run: |
+          if ! sudo systemctl status --no-pager wazuh-indexer -n 100; then
+            sudo journalctl --no-pager -u wazuh-indexer.service
+            exit 1
+          fi
