MVP - Docker - Create build image process - Wazuh dashboard

[vcerenu]

Description

The creation of a Docker image of the Wazuh dashboard component is required.
This creation process must contemplate the creation of production, pre-release and development images, taking into account that the created packages can be used in any instance and that images will need to be created in each package build that is carried out.

It must also be verified that the life of the container must be tied to the main process of the container. So, if the process crash or is restarted, the container will fail.

The Docker image must be simplified. It will only allow to configure the basic parameters needed by the main process to start and interact with the other containers/components. e.g.: Wazuh server and indexer IPs. The Docker image will not allow to customize the component features, it will use the default values instead.

Other steps of this change is to be able to build both amd64 and arm64 images, so the Dockerfile must be adapted to use global variables when selecting the corresponding architecture package.
Related info: wazuh/wazuh-docker#1624 (comment)

It is also required to use a Github Actions workflow to build and push images to the corresponding repository. Currently, there is a workflow located at .github/workflows/Procedure_push_docker_images.yml that creates the Docker images and pushes them to Docker Hub. A workflow must be generated for the image's own build and its subsequent push to Docker Hub or ECR, depending on whether it is a productive image or not.

Regarding the image generation process, it is required to generate the image every time packages of the component in question are generated, using this generated package and pushing the image to the development or pre-release repository as appropriate.

The Docker image must allow configuring a health check in the deployment.

Warning

The base image must be Amazon Linux 2023 latest

Tasks

• Modify installation method to use downloaded packages instead of installing from a repository. The file containing the URLs must be downloaded prior to the image build.
• Ensure the life of the container matches with the life of the main process.
• Ensure the Docker image allows minimum configuration parameters for the process to start and connect to the rest of the components/containers.
• Ensure you can use prod, pre-release and development packages during the build process.
• Ensure you can create amd64 and arm64 images (multi-arch).
• Ensure the build workflow can push images to Docker hub and ECR repositories depending on what image is being built (production/pre-release or development)
• Ensure the Docker image allows configuring a health check in the deployment.
• Build Docker images for each generated package. The wazuh-server package generation must also build and push a wazuh-server Docker image (to the development (ECR) or the DockerHub repository).
  • The workflow must push the image twice for development images with the following tag nomenclature: WAZUH_VERSION-latest and WAZUH_VERSION-<commit>. e.g.: 5.0.0-latest. The Docker images must be built for each PR to numbered branches or master. The images must be pushed to the ECR Repository.
  • For pre-release images a single image must be pusshed with the tag WAZUH_VERSION-<stage>. e.g.: 5.0.0-alpha1. The image must be pushed to the DockerHub repository.

DRI

Gonzalo Acuña