1+ run-name : Kubernetes deployment test - Branch ${{ inputs.BRANCH_VERSION }} - Launched by @${{ github.actor }}
2+ name : Test Wazuh deployment on Kubernetes
3+
4+ on :
5+ pull_request :
6+ workflow_dispatch :
7+ inputs :
8+ BRANCH_VERSION :
9+ description : ' Branch version to deploy'
10+ required : true
11+ default : ' 5.0.0'
12+
13+ permissions :
14+ id-token : write # This is required for requesting the JWT
15+ contents : read # This is required for actions/checkout
16+
17+ jobs :
18+ EKS_deployment_test :
19+ runs-on : ubuntu-20.04
20+ steps :
21+ - name : Checkout code
22+ uses : actions/checkout@v4
23+ with :
24+ ref : ${{ inputs.BRANCH_VERSION }}
25+
26+ - name : Configure aws credentials
27+ uses : aws-actions/configure-aws-credentials@v4
28+ with :
29+ role-to-assume : ${{ secrets.AWS_IAM_KUBERNETES_ROLE }}
30+ aws-region : " ${{ secrets.AWS_REGION }}"
31+
32+ - name : Install eksctl
33+ run : |
34+ ARCH=amd64
35+ PLATFORM=$(uname -s)_$ARCH
36+ curl -sLO "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$PLATFORM.tar.gz"
37+ curl -sL "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_checksums.txt" | grep $PLATFORM | sha256sum --check
38+ tar -xzf eksctl_$PLATFORM.tar.gz -C /tmp && rm eksctl_$PLATFORM.tar.gz
39+ sudo mv /tmp/eksctl /usr/local/bin
40+
41+ name : Deploy eks cluster
42+ run : |
43+ eksctl create cluster && \
44+ --name test-eks-deploy-${{ github.event.number }} && \
45+ --with-oidc && \
46+ --region us-east-1 && \
47+ --nodes-min 6 && \
48+ --nodes-max 6 && \
49+ --managed && \
50+ --spot && \
51+ -t t3a.medium && \
52+ --tags "issue=https://github.com/wazuh/wazuh-kubernetes/pull/${{ github.event.number }},team=devops,termination_date=2030-01-01 21:00:00"
53+
54+ name : Create sa for ebs-csi-controller
55+ run : |
56+ eksctl create iamserviceaccount && \
57+ --name ebs-csi-controller-sa && \
58+ --region us-east-1 && \
59+ --namespace kube-system && \
60+ --cluster test-eks-deploy-${{ github.event.number }} && \
61+ --role-name AmazonEKS_EBS_CSI_DriverRole_test-eks-deploy-${{ github.event.number }} && \
62+ --role-only && \
63+ --attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy && \
64+ --approve
65+
66+ name : Install addon aws-ebs-csi-driver into a eks cluster deployed
67+ run : |
68+ eksctl create addon && \
69+ --name aws-ebs-csi-driver && \
70+ --cluster test-eks-deploy-${{ github.event.number }} && \
71+ --region ${{ secrets.AWS_REGION }} && \
72+ --service-account-role-arn arn:aws:iam::567970947422:role/AmazonEKS_EBS_CSI_DriverRole_test-eks-deploy-${{ github.event.number }} && \
73+ --force
74+
75+ name : Create Wazuh indexer certificates
76+ run : wazuh/certs/indexer_cluster/generate_certs.sh
77+
78+ - name : Create Wazuh dashboard certificates
79+ run : wazuh/certs/dashboard_http/generate_certs.sh
80+
81+ - name : Deploy Wazuh stack
82+ run : kubectl apply -k envs/eks/
83+
84+ Local_deployment_test :
85+ runs-on : ubuntu-20.04
86+ steps :
87+ - name : Checkout code
88+ uses : actions/checkout@v4
89+ with :
90+ ref : ${{ inputs.BRANCH_VERSION }}
91+
92+ - name : free disk space
93+ run : |
94+ sudo swapoff -a
95+ sudo rm -f /swapfile
96+ sudo apt clean
97+ docker rmi $(docker image ls -aq)
98+ df -h
99+
100+ name : Install Minikube cluster
101+ run : |
102+ curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
103+ sudo install minikube-linux-amd64 /usr/local/bin/minikube && rm minikube-linux-amd64
104+
105+ name : Start Minikube cluster
106+ run : minikube start
107+
108+ - name : Create Wazuh indexer certificates
109+ run : wazuh/certs/indexer_cluster/generate_certs.sh
110+
111+ - name : Create Wazuh dashboard certificates
112+ run : wazuh/certs/dashboard_http/generate_certs.sh
113+
114+ - name : Deploy Wazuh stack
115+ run : minikube kubectl apply -k envs/local/
0 commit comments