MVP - Docker - Change build image process - Wazuh server

[vcerenu]

Description

According to the main issue, it is necessary to modify the installation process of the Wazuh manager packages in the Docker image build.

Within the Dockerfile we have a script that currently configures the pre-release or production repository according to whether the version we are using is greater or not than the current release.

COPY config/check_repository.sh /
...
RUN chmod 775 /check_repository.sh
RUN source /check_repository.sh

This script currently performs checks to automatically choose which repository to use. This must be modified so that it selects which package to download for the installation, taking into account that it can obtain the production and pre-release packages and also the possibility of using development packages, which must be obtained from private buckets. A URLs file (with the packages URLs will be available for each stage: Production, Pre-release and Development). The corresponding file must be downloaded before building the image and included as an environment variable file for the build process/command.

It must also be verified that the life of the container must be tied to the main process of the container. So, if the process crash or is restarted, the container will fail.

The Docker image must be simplified. It will only allow to configure the basic parameters needed by the main process to start and interact with the other containers/components. e.g.: Wazuh server and indexer IPs. The Docker image will not allow to customize the component features, it will use the default values instead.

Other steps of this change is to be able to build both amd64 and arm64 images, so the Dockerfile must be adapted to use global variables when selecting the corresponding architecture package.
Related info: wazuh/wazuh-docker#1624 (comment)

It is also required to use a Github Actions workflow to build and push images to the corresponding repository. Currently, there is a workflow located at .github/workflows/Procedure_push_docker_images.yml that creates the Docker images and pushes them to Docker Hub. A workflow must be generated for the image's own build and its subsequent push to Docker Hub or ECR, depending on whether it is a productive image or not. The workflow must also include the URLs file logic.

Tasks

• Modify installation method to use downloaded packages instead of installing from a repository. The file containing the URLs must be downloaded prior to the image build.
• Ensure the life of the container is tied with the life of the main process.
• Ensure the Docker image allows minimum configuration parameters for the process to start and connect to the rest of the components/containers.
• Ensure you can use prod, pre-release, and development packages during the build process.
• Ensure you can create amd64 and arm64 images (multi-arch).
• Ensure the build workflow can push images to Docker hub and ECR repositories depending on what image is being built (production/pre-release or development)
• Build Docker images for each generated package. The wazuh-server package generation must also create and push a wazuh-server Docker image (to the development repository). The image must push the image with twice with the following tag nomenclature: WAZUH_VERSION-latest and WAZUH_VERSION-commit.

DRI

Gonzalo Acuña