---
name: Wazuh-CentOS-Single-Instance
on: [pull_request, workflow_dispatch, release]
jobs:
  start-runner:
    name: Start self-hosted EC2 runner
    runs-on: ubuntu-22.04
    outputs:
      label: ${{ steps.start-ec2-runner.outputs.label }}
      ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }}
    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}
      - name: Start EC2 runner
        id: start-ec2-runner
        uses: machulav/ec2-github-runner@v2
        with:
          mode: start
          github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
          ec2-image-id: ${{ secrets.CENTOS8_AMI_ID }}
          ec2-instance-type: t3.small
          subnet-id: ${{ secrets.SUBNET_ID }}
          security-group-id: ${{ secrets.SG_ID }}
          aws-resource-tags: > # optional, requires additional permissions
            [
              {"Key": "Name", "Value": "wazuh-ansible-gh-runner-wazuh"},
              {"Key": "GitHubRepository", "Value": "${{ github.repository }}"},
              {"Key": "team", "Value": "CICD"},
              {"Key": "termination_date", "Value": "2022-12-31 21:00:00"}
            ]
  install-wazuh-single-instance:
    name: Installs Wazuh server single instance
    needs: start-runner # required to start the main job when the runner is ready
    runs-on: ${{ needs.start-runner.outputs.label }} # run the job on the newly created runner
    steps:
      - name: Check out the codebase.
        uses: actions/checkout@v2
      - name: Hack to get setup-python to work on act. See act issue 251
        run: |
          if [ ! -f "/etc/lsb-release" ] ; then
            echo "DISTRIB_RELEASE=18.04" > /etc/lsb-release
          fi
      - name: Set up Python 3.
        uses: actions/setup-python@v2
        with:
          python-version: '3.x'
      - name: Ansible Playbook run Wazuh Single instance
        run: ansible-playbook ./.github/playbooks/single-wazuh.yml
        env:
          PY_COLORS: '1'
          ANSIBLE_FORCE_COLOR: '1'
  stop-runner:
    name: Stop self-hosted EC2 runner
    needs:
      - start-runner # required to get output from the start-runner job
      - install-wazuh-single-instance # required to wait when the main job is done
    runs-on: ubuntu-22.04
    if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs
    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}
      - name: Stop EC2 runner
        uses: machulav/ec2-github-runner@v2
        with:
          mode: stop
          github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
          label: ${{ needs.start-runner.outputs.label }}
          ec2-instance-id: ${{ needs.start-runner.outputs.ec2-instance-id }}