Merge pull request #1385 from wazuh/enhancement/1256-wazuh-cert-tool

Add Wazuh cert tool image build into Wazuh images build process
wazuh · Jun 12, 2024 · 7eb5d08 · 7eb5d08
2 parents 4ba7cba + 36e7160
commit 7eb5d08
Show file tree

Hide file tree

Showing 11 changed files with 42 additions and 25 deletions.
diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
@@ -22,6 +22,7 @@ jobs:
         docker save wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-manager.tar
         docker save wazuh/wazuh-indexer:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-indexer.tar
         docker save wazuh/wazuh-dashboard:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-dashboard.tar
+        docker save wazuh/wazuh-cert-tool:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-cert-tool.tar
 
     - name: Temporarily save Wazuh manager Docker image
       uses: actions/upload-artifact@v3
@@ -44,6 +45,13 @@ jobs:
         path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-dashboard.tar
         retention-days: 1
 
+    - name: Temporarily save Wazuh Cert Tool Docker image
+      uses: actions/upload-artifact@v3
+      with:
+        name: docker-artifact-cert-tool
+        path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-cert-tool.tar
+        retention-days: 1
+
     - name: Install Goss
       uses: e1himself/goss-installation-action@v1.0.3
       with:
@@ -81,15 +89,22 @@ jobs:
       with:
         name: docker-artifact-dashboard
 
+    - name: Retrieve saved Wazuh Cert Tool Docker image
+      uses: actions/download-artifact@v3
+      with:
+        name: docker-artifact-cert-tool
+
     - name: Docker load
       run: |
         docker load --input ./wazuh-indexer.tar
         docker load --input ./wazuh-dashboard.tar
         docker load --input ./wazuh-manager.tar
+        docker load --input ./wazuh-cert-tool.tar
+        rm -rf wazuh-manager.tar wazuh-indexer.tar wazuh-dashboard.tar wazuh-cert-tool.tar
 
 
     - name: Create single node certficates
-      run: docker-compose -f single-node/generate-indexer-certs.yml run --rm generator
+      run: docker-compose -f single-node/generate-certs.yml run --rm generator
 
     - name: Start single node stack
       run: docker-compose -f single-node/docker-compose.yml up -d
@@ -212,15 +227,21 @@ jobs:
       with:
         name: docker-artifact-indexer
 
+    - name: Retrieve saved Wazuh Cert Tool Docker image
+      uses: actions/download-artifact@v3
+      with:
+        name: docker-artifact-cert-tool
+
     - name: Docker load
       run: |
-        docker load --input ./wazuh-manager.tar
         docker load --input ./wazuh-indexer.tar
         docker load --input ./wazuh-dashboard.tar
-        rm -rf wazuh-manager.tar wazuh-indexer.tar wazuh-dashboard.tar
+        docker load --input ./wazuh-manager.tar
+        docker load --input ./wazuh-cert-tool.tar
+        rm -rf wazuh-manager.tar wazuh-indexer.tar wazuh-dashboard.tar wazuh-cert-tool.tar
 
     - name: Create multi node certficates
-      run: docker-compose -f multi-node/generate-indexer-certs.yml run --rm generator
+      run: docker-compose -f multi-node/generate-certs.yml run --rm generator
 
     - name: Start multi node stack
       run: docker-compose -f multi-node/docker-compose.yml up -d

diff --git a/README.md b/README.md
@@ -154,7 +154,7 @@ WAZUH_MONITORING_REPLICAS=0         ##
     │   │   └── wazuh_indexer_ssl_certs
     │   │       └── certs.yml
     │   ├── docker-compose.yml
-    │   ├── generate-indexer-certs.yml
+    │   ├── generate-certs.yml
     │   ├── Migration-to-Wazuh-4.3.md
     │   └── volume-migrator.sh
     ├── README.md
@@ -181,7 +181,7 @@ WAZUH_MONITORING_REPLICAS=0         ##
     │   │       ├── wazuh.manager-key.pem
     │   │       └── wazuh.manager.pem
     │   ├── docker-compose.yml
-    │   ├── generate-indexer-certs.yml
+    │   ├── generate-certs.yml
     │   └── README.md
     └── VERSION
 

diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh
@@ -71,6 +71,7 @@ build() {
     echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env
 
     docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache
+    docker build -t wazuh/wazuh-cert-tool:$WAZUH_IMAGE_VERSION build-docker-images/cert-tool-image/
 
     return 0
 }

diff --git a/indexer-certs-creator/Dockerfile → ...-docker-images/wazuh-cert-tool/Dockerfile b/indexer-certs-creator/Dockerfile → ...-docker-images/wazuh-cert-tool/Dockerfile
@@ -1,7 +1,8 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
-FROM ubuntu:focal
+FROM amazonlinux:2023
 
-RUN apt-get update && apt-get install openssl curl -y
+RUN yum install curl-minimal openssl -y &&\
+yum clean all
 
 WORKDIR /
 

diff --git a/indexer-certs-creator/config/entrypoint.sh → ...ages/wazuh-cert-tool/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh → ...ages/wazuh-cert-tool/config/entrypoint.sh
diff --git a/indexer-certs-creator/README.md b/indexer-certs-creator/README.md
diff --git a/multi-node/Migration-to-Wazuh-4.4.md b/multi-node/Migration-to-Wazuh-4.4.md
@@ -354,7 +354,7 @@ docker container run --rm -it \
 ```
 git checkout 4.4
 cd multi-node
-docker-compose -f generate-indexer-certs.yml run --rm generator
+docker-compose -f generate-certs.yml run --rm generator
 docker-compose up -d
 ```
 

diff --git a/multi-node/README.md b/multi-node/README.md
@@ -8,7 +8,7 @@ $ sysctl -w vm.max_map_count=262144
 ```
 2) Run the certificate creation script:
 ```
-$ docker-compose -f generate-indexer-certs.yml run --rm generator
+$ docker-compose -f generate-certs.yml run --rm generator
 ```
 3) Start the environment with docker-compose:
 

diff --git a/single-node/generate-indexer-certs.yml → multi-node/generate-certs.yml b/single-node/generate-indexer-certs.yml → multi-node/generate-certs.yml
@@ -3,8 +3,9 @@ version: '3'
 
 services:
   generator:
-    image: wazuh/wazuh-certs-generator:0.0.2
-    hostname: wazuh-certs-generator
+    image: wazuh/wazuh-cert-tool:5.0.0
+    hostname: wazuh-cert-tool
+    container_name: wazuh-cert-tool
     volumes:
       - ./config/wazuh_indexer_ssl_certs/:/certificates/
       - ./config/certs.yml:/config/certs.yml
diff --git a/single-node/README.md b/single-node/README.md
@@ -8,7 +8,7 @@ $ sysctl -w vm.max_map_count=262144
 ```
 2) Run the certificate creation script:
 ```
-$ docker-compose -f generate-indexer-certs.yml run --rm generator
+$ docker-compose -f generate-certs.yml run --rm generator
 ```
 3) Start the environment with docker-compose:
 

diff --git a/multi-node/generate-indexer-certs.yml → single-node/generate-certs.yml b/multi-node/generate-indexer-certs.yml → single-node/generate-certs.yml
@@ -3,8 +3,10 @@ version: '3'
 
 services:
   generator:
-    image: wazuh/wazuh-certs-generator:0.0.2
-    hostname: wazuh-certs-generator
+    image: wazuh/wazuh-cert-tool:5.0.0
+    hostname: wazuh-cert-tool
+    container_name: wazuh-cert-tool
     volumes:
       - ./config/wazuh_indexer_ssl_certs/:/certificates/
-      - ./config/certs.yml:/config/certs.yml
+      - ./config/certs.yml:/config/certs.yml
+