diff --git a/.github/workflows/build_elastic_common_schema_toolchain.yml b/.github/workflows/build_elastic_common_schema_toolchain.yml
new file mode 100644
index 0000000000..ae943f167a
--- /dev/null
+++ b/.github/workflows/build_elastic_common_schema_toolchain.yml
@@ -0,0 +1,59 @@
+name: Build ECS Toolchain Image
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ id-token: write
+ steps:
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: arn:aws:iam::068738303278:role/PushPullECSToolchainImage
+ aws-region: us-east-1
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v2
+
+ # Setting up Docker Buildx with docker-container driver is required
+ # Setting up Docker Buildx with docker-container driver is required
+ # at the moment to be able to use a subdirectory with Git context
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Debug
+ run: 'echo Branch name: "${{ github.head_ref || github.ref_name }}"'
+
+ # Always push with the branch name, this allows for external testing
+ - name: Build and Push
+ uses: docker/build-push-action@v5
+ with:
+ context: "{{defaultContext}}:docker"
+ tags: 068738303278.dkr.ecr.us-east-1.amazonaws.com/elastic-common-schema-toolchain:${{ github.head_ref || github.ref_name }}
+ cache-from: type=registry,ref=068738303278.dkr.ecr.us-east-1.amazonaws.com/elastic-common-schema-toolchain:cache
+ cache-to: mode=max,image-manifest=true,oci-mediatypes=true,type=registry,ref=068738303278.dkr.ecr.us-east-1.amazonaws.com/elastic-common-schema-toolchain:cache
+ push: true
+ build-args: |
+ BRANCH=${{ github.head_ref || github.ref_name }}
+
+ # Once it's in main, we want to update to the latest stable version
+ - name: Push Latest Tag
+ if: github.ref_name == 'main'
+ uses: docker/build-push-action@v5
+ with:
+ context: "{{defaultContext}}:docker"
+ tags: 068738303278.dkr.ecr.us-east-1.amazonaws.com/elastic-common-schema-toolchain:latest
+ cache-from: type=registry,ref=068738303278.dkr.ecr.us-east-1.amazonaws.com/elastic-common-schema-toolchain:cache
+ cache-to: 
mode=max,image-manifest=true,oci-mediatypes=true,type=registry,ref=068738303278.dkr.ecr.us-east-1.amazonaws.com/elastic-common-schema-toolchain:cache
+ push: true
+ build-args: |
+ BRANCH=${{ github.ref_name }}
diff --git a/docker/Dockerfile b/docker/Dockerfile
new file mode 100644
index 0000000000..59a3965c5d
--- /dev/null
+++ b/docker/Dockerfile
@@ -0,0 +1,7 @@
+FROM ubuntu:latest
+ARG BRANCH=main
+RUN mkdir /ecs && apt update && apt install -y git python3-pip && apt clean
+WORKDIR /ecs
+RUN git clone https://github.com/huntresslabs/ecs . && git checkout ${BRANCH} && python3 -m pip install --break-system-packages -r scripts/requirements.txt
+COPY scripts/entry_point.sh entry_point.sh
+ENTRYPOINT ["/bin/bash", "/ecs/entry_point.sh"]
diff --git a/docker/scripts/entry_point.sh b/docker/scripts/entry_point.sh
new file mode 100644
index 0000000000..02585abdfd
--- /dev/null
+++ b/docker/scripts/entry_point.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+python3 scripts/generator.py --subset /data_stream/subset --out /data_stream --include /include /data_stream/include
+code=$?
+if [ $code -ne 0 ]; then
+ exit $code
+fi
+
+# Moving this functionality into the ECS tool
+# for yaml_file in $(find {"/include","/data_stream/include"} -name '*.yml' -type f); do
+# file_name="${yaml_file##*/}"
+# if [ "$(yq '.0 | has("settings")' $yaml_file)" == "true" ]; then
+# out_file="/data_stream/generated/elasticsearch/composable/component/${file_name%.yml}.json"
+# echo "Adding settings from ${file_name} to ${out_file##*/}"
+# yq '.0.settings' -o json $yaml_file | jq '.tmp.template.settings = .' | jq '.tmp' > /tmp/settings.json
+# jq -s '.[0] * .[1]' $out_file /tmp/settings.json > /tmp/combined.json
+# mv /tmp/combined.json $out_file
+# else
+# echo "$file_name does NOT have settings"
+# fi
+# done
+echo "Opening permissions"
+chmod -R 'u=rwX,g=rwX,o=rwX' "/data_stream/generated"
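Review bot: The Debug step expands `${{ github.head_ref || github.ref_name }}` directly inside the `run:` script, so a pull-request branch name is interpreted by the shell in a job that holds `id-token: write` and the ECR push role. Pass the value through the environment instead: `env: BRANCH_NAME: ${{ github.head_ref || github.ref_name }}` on the step, with `run: echo "Branch name: $BRANCH_NAME"`. The same value is used unvalidated as the image tag in Build and Push, and pull-request builds write to the shared `:cache` ref that the `latest` build reads from, so I would limit `push: true` and `cache-to` to `main`, or validate the tag and use a per-branch cache ref. `contents: write` looks unused by the visible steps and could probably be `contents: read`, and the actions are referenced by mutable tag (`@v4`, `@v5`) rather than a commit SHA.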
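Review bot: The image contents are not tied to the commit that triggered the build, because `FROM ubuntu:latest` floats and the second `RUN` clones `huntresslabs/ecs` and checks out whatever `${BRANCH}` resolves to at build time. Since that `RUN` text is identical between builds of the same branch, the registry layer cache configured in the workflow may also reuse an older clone; that is worth confirming. I would pin the base by digest (`FROM ubuntu:<release>@sha256:<digest>`), pass the commit SHA as a build argument and check that out, and quote the ref (`git checkout "${BRANCH}"`) since it originates from a branch name. No `USER` is set, so the entry point runs as root.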
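Review bot: The final `chmod -R 'u=rwX,g=rwX,o=rwX' "/data_stream/generated"` leaves the generated templates world-writable, and since `/data_stream` is presumably a bind mount, those permissions persist on the host. If the generator only writes under `/data_stream`, running the container as the caller's uid/gid (`docker run --user "$(id -u):$(id -g)"`) removes the need for the chmod. Failing that, `chmod -R 'u=rwX,go=rX' /data_stream/generated` keeps the output readable without letting other local users modify it. `$code` should be quoted in the test and in `exit`, and the commented-out yq/jq block can be deleted now that its comment says the ECS tool covers it.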