Wazuh indexer

The packages' generation process is orchestrated by two scripts, which are found within the packaging_scripts folder of the repository:

  • build.sh: compiles the Java application and bundles it into a package.

  • assemble.sh: uses the package from the previous step and inflates it with plugins and configuration files, ready for production deployment.

Official packages are built through a GitHub Actions pipeline. However, the process is designed to be independent of it, for maximum portability.

The building process is self-contained in the application code.

The GitHub Actions pipeline can be tested locally with Act.

Pre-requisites:

  • Clone the wazuh-indexer repository and switch to the appropriate branch:

# git clone https://github.com/wazuh/wazuh-indexer

Build stage

Docker environment

Using the provided Docker environment:

# docker exec -it wi-build_4.9.0 bash packaging_scripts/build.sh -a x64 -d rpm

Local package generation

For local package generation, use the build.sh script.

Take a look at the build.yml workflow file for an example of usage.

# bash packaging_scripts/build.sh -a x64 -d tar -n $(bash packaging_scripts/baptizer.sh -a x64 -d tar -m)

The generated package is sent to the wazuh-indexer/artifacts folder.

Assembly stage

Docker environment

Pre-requisites:

  • Current directory: wazuh-indexer/

  • Existing package in wazuh-indexer/artifacts/dist/{rpm|deb}, as a result of the Build stage.

  • Using the Docker environment:

    # docker exec -it wi-assemble_4.9.0 bash packaging_scripts/assemble.sh -a x64 -d rpm
    

Local package generation

Note

Set the environment variable TEST=true to assemble a package with a minimal set of plugins, speeding up the assembly process.

The assemble.sh script takes the output of the build.sh script as a base and bundles it into a final package containing the plugins, the production configuration and the service files.

The script will:

  1. Extract the RPM package using rpm2cpio and cpio tools.

    By default, rpm2cpio and cpio tools expect the package to be in wazuh-indexer/artifacts/tmp/rpm. The script takes care of creating the required folder structure and also copies the min package and the SPEC file into it.

    Current folder loadout at this stage:

    /rpm/$ARCH
        /etc
        /usr
        /var
        wazuh-indexer-min-*.rpm
        wazuh-indexer.rpm.spec
    

    usr, etc and var folders contain wazuh-indexer files, extracted from wazuh-indexer-min-*.rpm.

    wazuh-indexer.rpm.spec is copied over from wazuh-indexer/distribution/packages/src/rpm/wazuh-indexer.rpm.spec.

    The wazuh-indexer-performance-analyzer.service file is also copied from the same folder.

    It is a dependency of the SPEC file.

  2. Install the plugins using the opensearch-plugin CLI tool.

  3. Set up configuration files.

    Included in min-package. Default files are overwritten.

  4. Bundle an RPM file with rpmbuild and the SPEC file wazuh-indexer.rpm.spec.

    rpmbuild is part of the rpm OS package.

    rpmbuild is invoked from wazuh-indexer/artifacts/tmp/rpm.

    It creates the {BUILD,RPMS,SOURCES,SRPMS,SPECS,TMP} folders and applies the rules in the SPEC file.

    If successful, rpmbuild will generate the package in the RPMS/ folder.

    The script then copies it to wazuh-indexer/artifacts/dist and cleans up by removing the tmp/ folder and its contents.

    Current folder loadout at this stage:

    /rpm/$ARCH
        /{BUILD,RPMS,SOURCES,SRPMS,SPECS,TMP}
        /etc
        /usr
        /var
        wazuh-indexer-min-*.rpm
        wazuh-indexer.rpm.spec
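
A pre-flight check of the folder loadout from step 1, run before rpmbuild is invoked in step 4. This is an added example, not code from assemble.sh; check_rpm_workspace is a hypothetical helper and the workspace path is passed in as an argument.

```bash
#!/usr/bin/env bash
# Added example: verify the RPM assembly workspace before running rpmbuild.
# check_rpm_workspace is a hypothetical helper, not part of assemble.sh.
# Usage: check_rpm_workspace artifacts/tmp/rpm/<arch-folder>

# Prints one line per problem found and returns the number of problems.
check_rpm_workspace() {
    local dir problems count entry
    dir="$1"
    problems=0
    count=0

    # Folders extracted from the min package with rpm2cpio and cpio.
    for entry in etc usr var; do
        if [ ! -d "$dir/$entry" ]; then
            echo "missing folder: $entry"
            problems=$((problems + 1))
        fi
    done

    # The SPEC file drives rpmbuild; an absent or empty copy means the
    # workspace was not prepared completely.
    if [ ! -s "$dir/wazuh-indexer.rpm.spec" ]; then
        echo "missing or empty file: wazuh-indexer.rpm.spec"
        problems=$((problems + 1))
    fi

    # Exactly one min package must match the glob. A leftover package from
    # an earlier run makes it ambiguous which build output was assembled.
    for entry in "$dir"/wazuh-indexer-min-*.rpm; do
        if [ -f "$entry" ]; then
            count=$((count + 1))
        fi
    done
    if [ "$count" -ne 1 ]; then
        echo "expected 1 min package, found $count"
        problems=$((problems + 1))
    fi

    return "$problems"
}
```

A return value of 0 means the workspace matches the expected loadout; any other value is the number of problems printed.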
    

Build and assemble scripts reference

The packages' generation process is guided through bash scripts.

Below is a reference of their inputs, outputs and code:

scripts:
   - file: build.sh
     description: |
        generates a distribution package by running the appropriate Gradle task
        depending on the parameters.
     inputs:
        architecture: [x64, arm64] # Note: we only build x86_64 packages
        distribution: [tar, deb, rpm]
        name: the name of the package to be generated.
     outputs:
        package: minimal wazuh-indexer package for the required distribution.

   - file: assemble.sh
     description: |
        bundles the wazuh-indexer package generated by build.sh with plugins,
        configuration files and demo certificates (certificates yet to come).
     inputs:
        architecture: [x64, arm64] # Note: we only build x86_64 packages
        distribution: [tar, deb, rpm]
        revision: revision number. 0 by default.
     outputs:
        package: wazuh-indexer package.

   - file: provision.sh
     description: Provision script for the assembly of DEB packages.

   - file: baptizer.sh
     description: generate the wazuh-indexer package name depending on the parameters.
     inputs:
        architecture: [x64, arm64] # Note: we only build x86_64 packages
        distribution: [tar, deb, rpm]
        revision: revision number. 0 by default.
        is_release: if set, uses release naming convention.
        is_min: if set, the package name will start by `wazuh-indexer-min`. Used on the build stage.
     outputs:
        package: the name of the wazuh-indexer package