diff --git a/.github/workflows/centos_aio.yml b/.github/workflows/centos_aio.yml new file mode 100644 index 00000000..24532959 --- /dev/null +++ b/.github/workflows/centos_aio.yml @@ -0,0 +1,76 @@ +--- +name: AIO-Single-Instance +on: [push, pull_request, workflow_dispatch, release] +jobs: + start-runner: + name: Start self-hosted EC2 runner + runs-on: ubuntu-latest + outputs: + label: ${{ steps.start-ec2-runner.outputs.label }} + ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Start EC2 runner + id: start-ec2-runner + uses: machulav/ec2-github-runner@v2 + with: + mode: start + github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + ec2-image-id: ${{ secrets.CENTOS8_AMI_ID }} + ec2-instance-type: t3a.large + subnet-id: ${{ secrets.SUBNET_ID }} + security-group-id: ${{ secrets.SG_ID }} + aws-resource-tags: > # optional, requires additional permissions + [ + {"Key": "Name", "Value": "wazuh-ansible-gh-runner-aio"}, + {"Key": "GitHubRepository", "Value": "${{ github.repository }}"}, + {"Key": "team", "Value": "CICD"}, + {"Key": "termination_Date", "Value": "N/A"} + ] + install-aio-single-instance: + name: Installs AIO single instance + needs: start-runner # required to start the main job when the runner is ready + runs-on: ${{ needs.start-runner.outputs.label }} # run the job on the newly created runner + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + - name: Hack to get setup-python to work on act. See act issue 251 + run: | + if [ ! -f "/etc/lsb-release" ] ; then + echo "DISTRIB_RELEASE=18.04" > /etc/lsb-release + fi + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + - name: Ansible Playbook run Wazuh AIO Single instance + run: ansible-playbook ./.github/playbooks/aio-wazuh.yml + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + stop-runner: + name: Stop self-hosted EC2 runner + needs: + - start-runner # required to get output from the start-runner job + - install-aio-single-instance # required to wait when the main job is done + runs-on: ubuntu-latest + if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Stop EC2 runner + uses: machulav/ec2-github-runner@v2 + with: + mode: stop + github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + label: ${{ needs.start-runner.outputs.label }} + ec2-instance-id: ${{ needs.start-runner.outputs.ec2-instance-id }} \ No newline at end of file diff --git a/.github/workflows/centos_wazuh.yml b/.github/workflows/centos_wazuh.yml new file mode 100644 index 00000000..74725392 --- /dev/null +++ b/.github/workflows/centos_wazuh.yml @@ -0,0 +1,76 @@ +--- +name: Wazuh-Single-Instance +on: [push, pull_request, workflow_dispatch, release] +jobs: + start-runner: + name: Start self-hosted EC2 runner + runs-on: ubuntu-latest + outputs: + label: ${{ steps.start-ec2-runner.outputs.label }} + ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Start EC2 runner + id: start-ec2-runner + uses: machulav/ec2-github-runner@v2 + with: + mode: start + github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + ec2-image-id: ${{ secrets.CENTOS8_AMI_ID }} + ec2-instance-type: t3.small + subnet-id: ${{ secrets.SUBNET_ID }} + security-group-id: ${{ secrets.SG_ID }} + aws-resource-tags: > # optional, requires additional permissions + [ + {"Key": "Name", "Value": "wazuh-ansible-gh-runner-wazuh"}, + {"Key": "GitHubRepository", "Value": "${{ github.repository }}"}, + {"Key": "team", "Value": "CICD"}, + {"Key": "termination_Date", "Value": "N/A"} + ] + install-wazuh-single-instance: + name: Installs Wazuh server single instance + needs: start-runner # required to start the main job when the runner is ready + runs-on: ${{ needs.start-runner.outputs.label }} # run the job on the newly created runner + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + - name: Hack to get setup-python to work on act. See act issue 251 + run: | + if [ ! -f "/etc/lsb-release" ] ; then + echo "DISTRIB_RELEASE=18.04" > /etc/lsb-release + fi + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + - name: Ansible Playbook run Wazuh Single instance + run: ansible-playbook ./.github/playbooks/single-wazuh.yml + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + stop-runner: + name: Stop self-hosted EC2 runner + needs: + - start-runner # required to get output from the start-runner job + - install-wazuh-single-instance # required to wait when the main job is done + runs-on: ubuntu-latest + if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Stop EC2 runner + uses: machulav/ec2-github-runner@v2 + with: + mode: stop + github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + label: ${{ needs.start-runner.outputs.label }} + ec2-instance-id: ${{ needs.start-runner.outputs.ec2-instance-id }} \ No newline at end of file diff --git a/.github/workflows/ubuntu_aio.yml b/.github/workflows/ubuntu_aio.yml new file mode 100644 index 00000000..1469bdd4 --- /dev/null +++ b/.github/workflows/ubuntu_aio.yml @@ -0,0 +1,76 @@ +--- +name: AIO-Single-Instance +on: [push, pull_request, workflow_dispatch, release] +jobs: + start-runner: + name: Start self-hosted EC2 runner + runs-on: ubuntu-latest + outputs: + label: ${{ steps.start-ec2-runner.outputs.label }} + ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Start EC2 runner + id: start-ec2-runner + uses: machulav/ec2-github-runner@v2 + with: + mode: start + github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + ec2-image-id: ${{ secrets.UBUNTU2204_AMI_ID }} + ec2-instance-type: t3a.large + subnet-id: ${{ secrets.SUBNET_ID }} + security-group-id: ${{ secrets.SG_ID }} + aws-resource-tags: > # optional, requires additional permissions + [ + {"Key": "Name", "Value": "wazuh-ansible-gh-runner-aio"}, + {"Key": "GitHubRepository", "Value": "${{ github.repository }}"}, + {"Key": "team", "Value": "CICD"}, + {"Key": "termination_Date", "Value": "N/A"} + ] + install-aio-single-instance: + name: Installs AIO single instance + needs: start-runner # required to start the main job when the runner is ready + runs-on: ${{ needs.start-runner.outputs.label }} # run the job on the newly created runner + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + - name: Hack to get setup-python to work on act. See act issue 251 + run: | + if [ ! -f "/etc/lsb-release" ] ; then + echo "DISTRIB_RELEASE=18.04" > /etc/lsb-release + fi + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + - name: Ansible Playbook run Wazuh AIO Single instance + run: ansible-playbook ./.github/playbooks/aio-wazuh.yml + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + stop-runner: + name: Stop self-hosted EC2 runner + needs: + - start-runner # required to get output from the start-runner job + - install-aio-single-instance # required to wait when the main job is done + runs-on: ubuntu-latest + if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Stop EC2 runner + uses: machulav/ec2-github-runner@v2 + with: + mode: stop + github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + label: ${{ needs.start-runner.outputs.label }} + ec2-instance-id: ${{ needs.start-runner.outputs.ec2-instance-id }} \ No newline at end of file diff --git a/.github/workflows/ubuntu_wazuh.yml b/.github/workflows/ubuntu_wazuh.yml new file mode 100644 index 00000000..dd388dd0 --- /dev/null +++ b/.github/workflows/ubuntu_wazuh.yml @@ -0,0 +1,76 @@ +--- +name: Wazuh-Single-Instance +on: [push, pull_request, workflow_dispatch, release] +jobs: + start-runner: + name: Start self-hosted EC2 runner + runs-on: ubuntu-latest + outputs: + label: ${{ steps.start-ec2-runner.outputs.label }} + ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Start EC2 runner + id: start-ec2-runner + uses: machulav/ec2-github-runner@v2 + with: + mode: start + github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + ec2-image-id: ${{ secrets.UBUNTU2204_AMI_ID }} + ec2-instance-type: t3.small + subnet-id: ${{ secrets.SUBNET_ID }} + security-group-id: ${{ secrets.SG_ID }} + aws-resource-tags: > # optional, requires additional permissions + [ + {"Key": "Name", "Value": "wazuh-ansible-gh-runner-wazuh"}, + {"Key": "GitHubRepository", "Value": "${{ github.repository }}"}, + {"Key": "team", "Value": "CICD"}, + {"Key": "termination_Date", "Value": "N/A"} + ] + install-wazuh-single-instance: + name: Installs Wazuh server single instance + needs: start-runner # required to start the main job when the runner is ready + runs-on: ${{ needs.start-runner.outputs.label }} # run the job on the newly created runner + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + - name: Hack to get setup-python to work on act. See act issue 251 + run: | + if [ ! -f "/etc/lsb-release" ] ; then + echo "DISTRIB_RELEASE=18.04" > /etc/lsb-release + fi + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + - name: Ansible Playbook run Wazuh Single instance + run: ansible-playbook ./.github/playbooks/single-wazuh.yml + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + stop-runner: + name: Stop self-hosted EC2 runner + needs: + - start-runner # required to get output from the start-runner job + - install-wazuh-single-instance # required to wait when the main job is done + runs-on: ubuntu-latest + if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Stop EC2 runner + uses: machulav/ec2-github-runner@v2 + with: + mode: stop + github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + label: ${{ needs.start-runner.outputs.label }} + ec2-instance-id: ${{ needs.start-runner.outputs.ec2-instance-id }} \ No newline at end of file