wazuh-docker-mirror/.github/workflows/push.yml

name: Wazuh Docker pipeline

on: [pull_request, push]

jobs:
  build-stack:
    runs-on: ubuntu-latest
    steps:

    - name: Check out code
      uses: actions/checkout@v3

##    - name: Build Wazuh images
##      run: ./build.sh

    - name: Create enviroment variables
      run: cat .env > $GITHUB_ENV

    - name: Install Goss
      uses: e1himself/goss-installation-action@v1.0.3
      with:
        version: v0.3.16

##    - name: Execute Goss tests (wazuh-manager)
##      run: dgoss run wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}}
##      env:
##        GOSS_SLEEP: 30
##        GOSS_FILE: .github/.goss.yaml

    - name: Create single node certficates
      run: docker-compose -f single-node/generate-indexer-certs.yml run --rm generator

    - name: Start single node stack
      run: docker-compose -f single-node/docker-compose.yml up -d

    - name: Check Wazuh indexer start
      run: |
       sleep 60
       curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k

    - name: Check Wazuh indexer nodes
      run: |
       nodes="`curl -XGET "https://0.0.0.0:9200/_cat/nodes" -u admin:SecretPassword -k  | grep -E "indexer" | wc -l`"
       if [[ $nodes -eq 1 ]]; then
        echo "Wazuh indexer nodes: ${nodes}"
       else
        echo "Wazuh indexer nodes: ${nodes}"
        exit 1
       fi

    - name: Check Wazuh manager start
      run: |
        curl -k -X GET "https://0.0.0.0:55000/cluster/nodes" -H "Authorization: Bearer ${{env.TOKEN}}"
      env:
        TOKEN: $(curl -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")

    - name: Check Wazuh dashboard service URL
      run: curl -XGET --silent  https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I | grep -E "^HTTP" | awk  '{print $2}'

    - name: Stop single node stack
      run: docker-compose -f single-node/docker-compose.yml down

    - name: Create multi node certficates
      run: docker-compose -f multi-node/generate-indexer-certs.yml run --rm generator

    - name: Start multi node stack
      run: docker-compose -f multi-node/docker-compose.yml up -d

    - name: Check Wazuh indexer start
      run: |
       sleep 120
       curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k

    - name: Check Wazuh indexer nodes
      run: |
       nodes="`curl -XGET "https://0.0.0.0:9200/_cat/nodes" -u admin:SecretPassword -k  | grep -E "indexer" | wc -l`"
       if [[ $nodes -eq 3 ]]; then
        echo "Wazuh indexer nodes: ${nodes}"
       else
        echo "Wazuh indexer nodes: ${nodes}"
        exit 1
       fi

    - name: Check Wazuh manager start
      run: |
        wget https://packages.wazuh.com/4.3/wazuh-certs-tool.sh -o wazuh-certs-tool.sh
        source ./wazuh-certs-tool.sh >> /dev/null
        nodes="`curl -k -X GET "https://0.0.0.0:55000/cluster/nodes" -H "Authorization: Bearer ${{env.TOKEN}}"`"
        cert_parseYaml $nodes

      env:
        TOKEN: $(curl -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")


    - name: Check Wazuh dashboard service URL
      run: curl -XGET --silent  https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I | grep -E "^HTTP" | awk  '{print $2}'