Skip to content

Commit 68e5c0e

Browse files
osmonteroosmontero
committed
Merge remote-tracking branch 'origin/main'
2 parents 8747f86 + 433e911 commit 68e5c0e

File tree

275 files changed

+4691
-8784
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

275 files changed

+4691
-8784
lines changed

.github/scripts/agent-deploy.py

Lines changed: 0 additions & 80 deletions
This file was deleted.

.github/workflows/alpha-deployment.yml

Lines changed: 20 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -22,23 +22,32 @@ jobs:
2222
if [[ "${{ github.event.inputs.version_tag }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+-alpha\.[0-9]+$ ]]; then
2323
echo "✅ Version tag format is correct."
2424
25-
if [[ "${ github.ref }" =~ ^refs/heads/(release/|feature/) ]]; then
26-
echo "✅ Base branch ${ github.ref } is valid."
25+
if [[ "${{ github.ref }}" =~ ^refs/heads/(release/|feature/) ]]; then
26+
echo "✅ Base branch ${{ github.ref }} is valid."
2727
else
28-
echo "⛔ ERROR: Base branch ${ github.ref } is not valid. It should be release/ or feature/."
28+
echo "⛔ ERROR: Base branch ${{ github.ref }} is not valid. It should be release/ or feature/."
2929
exit 1
3030
fi
3131
3232
echo "Validating user permissions..."
33-
RESPONSE=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
33+
RESPONSE=$(curl -s -H "Authorization: Bearer ${{ secrets.API_SECRET }}" \
3434
-H "Accept: application/vnd.github.json" \
3535
"https://api.github.com/orgs/utmstack/teams/integration-developers/memberships/${{ github.actor }}")
3636
3737
if echo "$RESPONSE" | grep -q '"state": "active"'; then
3838
echo "✅ User ${{ github.actor }} is a member of the integration-developers team."
3939
else
40-
echo "⛔ ERROR: User ${{ github.actor }} is not a member of the integration-developers team."
41-
exit 1
40+
RESPONSE=$(curl -s -H "Authorization: Bearer ${{ secrets.API_SECRET }}" \
41+
-H "Accept: application/vnd.github.json" \
42+
"https://api.github.com/orgs/utmstack/teams/core-developers/memberships/${{ github.actor }}")
43+
44+
if echo "$RESPONSE" | grep -q '"state": "active"'; then
45+
echo "✅ User ${{ github.actor }} is a member of the core-developers team."
46+
else
47+
echo "⛔ ERROR: User ${{ github.actor }} is not a member of the core-developers or integration-developers team."
48+
echo $RESPONSE
49+
exit 1
50+
fi
4251
fi
4352
4453
else
@@ -47,17 +56,16 @@ jobs:
4756
fi
4857
4958
deploy:
50-
name: Deploy
59+
name: Deploy to Alpha
5160
needs: validations
5261
uses: ./.github/workflows/build.yml
5362
with:
5463
version_tag: ${{ github.event.inputs.version_tag }}
5564
event_processor_tag: ${{ github.event.inputs.event_processor_tag }}
5665
environment: alpha
57-
ghcr_token: ${{ secrets.GITHUB_TOKEN }}
58-
sign_cert: ${{ vars.SIGN_CERT }}
59-
sign_key: ${{ secrets.SIGN_KEY }}
60-
sign_container: ${{ secrets.SIGN_CONTAINER }}
61-
env:
66+
secrets:
67+
AGENT_SECRET_PREFIX: ${{ secrets.AGENT_SECRET_PREFIX }}
68+
SIGN_KEY: ${{ secrets.SIGN_KEY }}
69+
SIGN_CONTAINER: ${{ secrets.SIGN_CONTAINER }}
6270
CM_AUTH: ${{ secrets.CM_AUTH_ALPHA }}
6371

.github/workflows/beta-deployment.yml

Lines changed: 10 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -22,10 +22,10 @@ jobs:
2222
if [[ "${{ github.event.inputs.version_tag }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+-beta\.[0-9]+$ ]]; then
2323
echo "✅ Version tag format is correct."
2424
25-
if [[ "${ github.ref }" =~ ^refs/heads/(release/|feature/) ]]; then
26-
echo "✅ Base branch ${ github.ref } is valid."
25+
if [[ "${{ github.ref }}" =~ ^refs/heads/(release/|feature/) ]]; then
26+
echo "✅ Base branch ${{ github.ref }} is valid."
2727
else
28-
echo "⛔ ERROR: Base branch ${ github.ref } is not valid. It should be release/ or feature/."
28+
echo "⛔ ERROR: Base branch ${{ github.ref }} is not valid. It should be release/ or feature/."
2929
exit 1
3030
fi
3131
@@ -38,7 +38,7 @@ jobs:
3838
echo "✅ User ${{ github.actor }} is a member of the core-developers team."
3939
else
4040
echo "⛔ ERROR: User ${{ github.actor }} is not a member of the core-developers team."
41-
exit 1
41+
exit 1
4242
fi
4343
4444
else
@@ -47,17 +47,16 @@ jobs:
4747
fi
4848
4949
deploy:
50-
name: Deploy
50+
name: Deploy to Beta
5151
needs: validations
5252
uses: ./.github/workflows/build.yml
5353
with:
5454
version_tag: ${{ github.event.inputs.version_tag }}
5555
event_processor_tag: ${{ github.event.inputs.event_processor_tag }}
5656
environment: beta
57-
ghcr_token: ${{ secrets.GITHUB_TOKEN }}
58-
sign_cert: ${{ vars.SIGN_CERT }}
59-
sign_key: ${{ secrets.SIGN_KEY }}
60-
sign_container: ${{ secrets.SIGN_CONTAINER }}
61-
env:
62-
CM_AUTH: ${{ secrets.CM_AUTH_BETA }}
57+
secrets:
58+
AGENT_SECRET_PREFIX: ${{ secrets.AGENT_SECRET_PREFIX }}
59+
SIGN_KEY: ${{ secrets.SIGN_KEY }}
60+
SIGN_CONTAINER: ${{ secrets.SIGN_CONTAINER }}
61+
CM_AUTH: ${{ secrets.CM_AUTH_ALPHA }}
6362

.github/workflows/build.yml

Lines changed: 39 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -12,18 +12,16 @@ on:
1212
environment:
1313
required: true
1414
type: string
15-
ghcr_token:
15+
secrets:
16+
AGENT_SECRET_PREFIX:
1617
required: true
17-
type: string
18-
sign_cert:
18+
SIGN_KEY:
1919
required: true
20-
type: string
21-
sign_key:
20+
SIGN_CONTAINER:
2221
required: true
23-
type: string
24-
sign_container:
22+
CM_AUTH:
2523
required: true
26-
type: string
24+
2725

2826
jobs:
2927
build_images:
@@ -49,7 +47,7 @@ jobs:
4947

5048
- name: Login to GitHub Container Registry
5149
run: |
52-
docker login ghcr.io -u utmstack -p ${{ inputs.ghcr_token }}
50+
docker login ghcr.io -u utmstack -p ${{ secrets.GITHUB_TOKEN }}
5351
echo "Logged in to GitHub Container Registry"
5452
5553
- name: Download base images
@@ -59,47 +57,53 @@ jobs:
5957
6058
- name: Build Agent
6159
run: |
62-
cd ${{ github.workspace }}/agent/service/config; (Get-Content const.go) | Foreach-Object { $_ -replace 'const REPLACE_KEY string = ""', 'const REPLACE_KEY string = "${{ secrets.AGENT_SECRET_PREFIX }}"' } | Set-Content const.go
60+
cd ${{ github.workspace }}/agent/config; (Get-Content const.go) | Foreach-Object { $_ -replace 'const REPLACE_KEY string = ""', 'const REPLACE_KEY string = "${{ secrets.AGENT_SECRET_PREFIX }}"' } | Set-Content const.go
6361
64-
$env:GOOS = "linux"
6562
$env:GOARCH = "amd64"
66-
cd ${{ github.workspace }}/agent/service; go build -o utmstack_agent_service -v .
67-
cd ${{ github.workspace }}/agent/installer; go build -o utmstack_agent_installer -v .
68-
63+
$env:GOOS = "linux"
64+
cd ${{ github.workspace }}/agent
65+
go build -o utmstack_agent -v .
66+
6967
$env:GOOS = "windows"
70-
cd ${{ github.workspace }}/agent/service; go build -o utmstack_agent_service.exe -v .
71-
signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ inputs.sign_cert }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ inputs.sign_key }}}}]=${{ inputs.sign_container }}" "utmstack_agent_service.exe"
72-
cd ${{ github.workspace }}/agent/installer; go build -o utmstack_agent_installer.exe -v .
73-
signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ inputs.sign_cert }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ inputs.sign_key }}}}]=${{ inputs.sign_container }}" "utmstack_agent_installer.exe"
68+
go build -o utmstack_agent.exe -v .
69+
signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ vars.SIGN_CERT }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ secrets.SIGN_KEY }}}}]=${{ secrets.SIGN_CONTAINER }}" "utmstack_agent.exe"
7470

71+
New-Item -ItemType Directory -Force -Path "./dependencies/"
7572
Copy-Item -Path "C:/dependencies/${{ inputs.environment }}/agent/*" -Destination "./dependencies/"
7673

7774
echo "Agent build completed"
7875

7976
- name: Build Plugins
8077
run: |
81-
export GOOS=linux
82-
export GOARCH=amd64
83-
cd ${{ github.workspace }}/plugins
84-
make build
78+
$env:GOOS = "linux"
79+
$env:GOARCH = "amd64"
80+
cd ${{ github.workspace }}/plugins/alerts; go build -o com.utmstack.alerts.plugin -v .
81+
cd ${{ github.workspace }}/plugins/aws; go build -o com.utmstack.aws.plugin -v .
82+
cd ${{ github.workspace }}/plugins/azure; go build -o com.utmstack.azure.plugin -v .
83+
cd ${{ github.workspace }}/plugins/bitdefender; go build -o com.utmstack.bitdefender.plugin -v .
84+
cd ${{ github.workspace }}/plugins/config; go build -o com.utmstack.config.plugin -v .
85+
cd ${{ github.workspace }}/plugins/events; go build -o com.utmstack.events.plugin -v .
86+
cd ${{ github.workspace }}/plugins/gcp; go build -o com.utmstack.gcp.plugin -v .
87+
cd ${{ github.workspace }}/plugins/geolocation; go build -o com.utmstack.geolocation.plugin -v .
88+
cd ${{ github.workspace }}/plugins/inputs; go build -o com.utmstack.inputs.plugin -v .
89+
cd ${{ github.workspace }}/plugins/o365; go build -o com.utmstack.o365.plugin -v .
90+
cd ${{ github.workspace }}/plugins/sophos; go build -o com.utmstack.sophos.plugin -v .
91+
cd ${{ github.workspace }}/plugins/stats; go build -o com.utmstack.stats.plugin -v .
8592
8693
- name: Build Event Processor Image
8794
run: |
8895
New-Item -ItemType Directory -Force -Path "./geolocation/"
8996
Copy-Item -Path "C:/dependencies/${{ inputs.environment }}/geolocation/*" -Destination "./geolocation/"
90-
91-
docker build -t ghcr.io/utmstack/utmstack/eventprocessor:${{ inputs.version_tag }}-community \
92-
--build-arg BASE_IMAGE=ghcr.io/threatwinds/eventprocessor/base:${{ inputs.event_processor_tag }} \
93-
-f ./event_processor.Dockerfile \
94-
.
97+
docker build -t ghcr.io/utmstack/utmstack/eventprocessor:${{ inputs.version_tag }}-community --build-arg BASE_IMAGE=ghcr.io/threatwinds/eventprocessor/base:${{ inputs.event_processor_tag }} -f ./event_processor.Dockerfile .
9598
echo "Event Processor image built"
9699
97100
- name: Build Agent Manager Image
98101
run: |
99-
go build -o ./agent-manager/agent-manager -v ./agent-manager
100-
docker build -t ghcr.io/utmstack/utmstack/agent-manager:${{ inputs.version_tag }}-community \
101-
-f ./agent-manager/Dockerfile \
102-
.
102+
$env:GOOS = "linux"
103+
$env:GOARCH = "amd64"
104+
cd ${{ github.workspace }}/agent-manager; go build -o agent-manager -v .
105+
cd ${{ github.workspace }}
106+
docker build -t ghcr.io/utmstack/utmstack/agent-manager:${{ inputs.version_tag }}-community -f ./agent-manager/Dockerfile .
103107
echo "Agent Manager image built"
104108
105109
- name: Push images with dependencies
@@ -112,11 +116,12 @@ jobs:
112116
run: |
113117
echo "Pushing new release..."
114118
$changelog = Get-Content -Path "CHANGELOG.md" -Raw
119+
$changelog = [string]$changelog
115120
116-
$cmAuth = $env:CM_AUTH | ConvertFrom-Json
121+
$cmAuth = '${{ secrets.CM_AUTH }}' | ConvertFrom-Json
117122
118123
$body = @{
119-
version = ${{ inputs.version_tag }}
124+
version = '${{ inputs.version_tag }}'
120125
changelog = $changelog
121126
images = "ghcr.io/utmstack/utmstack/backend,ghcr.io/utmstack/utmstack/frontend,ghcr.io/utmstack/utmstack/user-auditor,ghcr.io/utmstack/utmstack/web-pdf,ghcr.io/utmstack/utmstack/eventprocessor,ghcr.io/utmstack/utmstack/agent-manager"
122127
edition = "community"
@@ -131,4 +136,4 @@ jobs:
131136
-Body $body `
132137
-ContentType "application/json"
133138
134-
$response
139+
$response

.github/workflows/images-without-dependencies.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ jobs:
5757
name: Java 11 deployment
5858
needs: prepare_deployment
5959
if: ${{ needs.prepare_deployment.outputs.tech == 'java-11' }}
60-
uses: ./.github/workflows/used-docker-java-11.yml
60+
uses: ./.github/workflows/used-docker-java-11-new.yml
6161
with:
6262
image_name: ${{ inputs.microservice }}
6363
tag: ${{inputs.tag}}-community
@@ -70,4 +70,4 @@ jobs:
7070
uses: ./.github/workflows/used-docker-java.yml
7171
with:
7272
image_name: ${{ inputs.microservice }}
73-
environment: ${{inputs.tag}}-community
73+
environment: ${{inputs.tag}}-community

0 commit comments

Comments
 (0)