wazuh · AlexRuiz7 · Sep 24, 2024 · Sep 24, 2024 · Sep 24, 2024
@@ -1,2 +1 @@
-# This should match the owning team set up in https:/orgs/opensearch-project/teams
-* @opensearch-project/dashboards-reports
+* @wazuh/devel-indexer
@@ -0,0 +1,23 @@
+---
+name: Compatibility request
+about: Suggest supporting a new version of OpenSearch
+title: 'Compatibility with OpenSearch (version)'
+labels: compatibility, level/task, type/research
+assignees: ''
+
+---
+
+## Description
+We need to ensure the compatibility with the next version of OpenSearch vX.X.
+This update is still being discussed, but we need to be aware of potential issues.
+
+For that, we need to:
+
+- [ ] Review opensearch's release notes.
+- [ ] Identify improvements and potential impact.
+- [ ] Create new development branch.
+- [ ] Develop a testing environment to verify our components would work under this new build.
+
+
+## Issues
+- _List here the detected issues_
@@ -1,7 +1,2 @@
-contact_links:
- - name: OpenSearch Community Support
- url: https://discuss.opendistrocommunity.dev/
- about: Please ask and answer questions here.
- - name: AWS/Amazon Security
- url: https://aws.amazon.com/security/vulnerability-reporting/
- about: Please report security vulnerabilities here.
+# disable blank issue creation
+blank_issues_enabled: false
@@ -0,0 +1,8 @@
+updates:
+ - directory: /src
+ open-pull-requests-limit: 1
+ package-ecosystem: gradle
+ schedule:
+ interval: weekly
+ day: "friday"
+version: 2
@@ -0,0 +1,69 @@
+run-name: Build Wazuh Indexer Reporting plugin | ${{ inputs.id}}
+name: Build packages
+
+# This workflow runs when any of the following occur:
+# - Run manually
+# - Invoked from another workflow
+on:
+ workflow_dispatch:
+ inputs:
+ revision:
+ description: "Revision"
+ type: string
+ default: "0"
+ id:
+ description: "ID used to identify the workflow uniquely."
+ type: string
+ required: false
+ workflow_call:
+ inputs:
+ revision:
+ description: "Revision"
+ type: string
+ default: "0"
+ id:
+ description: "ID used to identify the workflow uniquely."
+ type: string
+ required: false
+
+# ==========================
+# Bibliography
+# ==========================
+#
+# * Reusable workflows: limitations
+# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
+# * Using matrix in reusable workflows:
+# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-a-matrix-strategy-with-a-reusable-workflow
+# * Reading input from the called workflow
+# | https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs
+# * Ternary operator
+# | https://docs.github.com/en/actions/learn-github-actions/expressions#example
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ env:
+ plugin_name: wazuh-indexer-reporting
+ steps:
+ - uses: actions/checkout@v4
+ - uses: actions/setup-java@v4
+ with:
+ distribution: temurin
+ java-version: 21
+
+ - name: Setup Gradle # Used for caching
+ uses: gradle/actions/setup-gradle@v4
+
+ - name: Get version
+ id: version
+ run: echo "version=$(<VERSION)" >> "$GITHUB_OUTPUT"
+
+ - name: Build with Gradle
+ run: ./gradlew build -Dversion=${{ steps.version.outputs.version }} -Drevision=${{ inputs.revision }}
+
+ - name: Upload artifact
+ uses: actions/upload-artifact@v4
+ with:
+ name: ${{ env.plugin_name }}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip
+ path: build/distributions/wazuh-indexer-${{ env.plugin_name }}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip
+ if-no-files-found: error
@@ -0,0 +1,14 @@
+name: Build packages (on push)
+
+# This workflow runs when any of the following occur:
+# - On push to branches named after ci/*
+on:
+ push:
+ # Sequence of patterns matched against refs/heads
+ branches:
+ - "ci/*"
+
+jobs:
+ call-build-workflow:
+ uses: ./.github/workflows/build.yml
+ secrets: inherit
@@ -59,7 +59,7 @@ jobs:
  chown -R 1000:1000 `pwd`
 
  - name: Upload Artifacts
- uses: actions/upload-artifact@v1
+ uses: actions/upload-artifact@v4
  with:
  name: reports-scheduler-linux
  path: reports-scheduler-builds
@@ -90,7 +90,7 @@ jobs:
  cp -r ./build/distributions/*.zip reports-scheduler-builds/
 
  - name: Upload Artifacts
- uses: actions/upload-artifact@v1
+ uses: actions/upload-artifact@v4
  with:
  name: reports-scheduler-windows
  path: reports-scheduler-builds
@@ -122,7 +122,7 @@ jobs:
  cp -r ./build/distributions/*.zip reports-scheduler-builds/
 
  - name: Upload Artifacts
- uses: actions/upload-artifact@v1
+ uses: actions/upload-artifact@v4
  with:
  name: reports-scheduler-macos
  path: reports-scheduler-builds
@@ -1,96 +1,23 @@
-# Contributing Guidelines
+# Contributing to Wazuh Indexer Plugins
+Depending on the plugin relationship with the Wazuh organization we currently recommend the following naming conventions and optional follow-up checks:
 
-Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional
-documentation, we greatly value feedback and contributions from our community.
+### Official plugins
 
-Please read through this document before submitting any issues or pull requests to ensure we have all the necessary
-information to effectively respond to your bug report or contribution.
+For the **official plugins** that live within the Wazuh organization (i.e. they are included in [wazuh/wazuh-indexer-plugins/](https:/wazuh/wazuh-indexer-plugins) or [wazuh/wazuh-indexer-reporting/](https:/wazuh/wazuh-indexer-reporting) folder), and **which share the same release cycle as the Wazuh Indexer** itself:
 
-## Reporting Bugs/Feature Requests
+- Do not include the word `plugin` in the repo name (e.g. [job-scheduler](https:/opensearch-project/job-scheduler))
+- Use lowercase repo names
+- Use spinal case for repo names (e.g. [job-scheduler](https:/opensearch-project/job-scheduler))
+- Do not include the word `Wazuh Indexer` or `Wazuh Dashboard` in the repo name
+- Provide a meaningful description, e.g. `A Wazuh Dashboard plugin to perform real-time and historical anomaly detection on Wazuh Indexer data`.
 
-We welcome you to use the GitHub issue tracker to report bugs or suggest features.
+### Thirdparty plugins
 
-When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already
-reported the issue. Please try to include as much information as you can. Details like these are incredibly useful:
+For the **3rd party plugins** that are maintained as independent projects in separate GitHub repositories **with their own release cycles** the recommended naming convention should follow the same rules as official plugins with some exceptions and few follow-up checks:
 
-- A reproducible test case or series of steps
-- The version of our code being used
-- Any modifications you've made relevant to the bug
-- Anything unusual about your environment or deployment
-
-## Sign your work
-The sign-off is a simple line at the end of each commit, which certifies that you wrote it or otherwise have the right to pass it on as an open-source patch. if you can certify the below
-```
-By making a contribution to this project, I certify that:
-(a) The contribution was created in whole or in part by me and I
-have the right to submit it under the open source license
-indicated in the file; or
-(b) The contribution is based upon previous work that, to the best
-of my knowledge, is covered under an appropriate open source
-license and I have the right under that license to submit that
-work with modifications, whether created in whole or in part
-by me, under the same open source license (unless I am
-permitted to submit under a different license), as indicated
-in the file; or
-(c) The contribution was provided directly to me by some other
-person who certified (a), (b) or (c) and I have not modified
-it.
-(d) I understand and agree that this project and the contribution
-are public and that a record of the contribution (including all
-personal information I submit with it, including my sign-off) is
-maintained indefinitely and may be redistributed consistent with
-this project or the open source license(s) involved.
-```
-then you just add a line to every git commit message:
-```
-Signed-off-by: Bob Sanders <[email protected]>
-```
-You can sign off your work easily by adding the configuration in github
-```
-git config user.name "Bob Sanders"
-git config user.email "[email protected]"
-```
-Then, you could sign off commits automatically by adding `-s` or `-=signoff` parameter to your usual git commits commands. e.g.
-```
-git commit -s -m "my first commit"
-```
-
-## Contributing via Pull Requests
-
-Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that:
-
-1. You are working against the latest source on the _dev_ branch.
-2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already.
-3. You open an issue to discuss any significant work - we would hate for your time to be wasted.
-
-To send us a pull request, please:
-
-1. Fork the repository.
-2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change.
-3. Ensure local tests pass.
-4. Commit to your fork using clear commit messages.
-5. Send us a pull request, answering any default questions in the pull request interface.
-6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation.
-
-GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and
-[creating a pull request](https://help.github.com/articles/creating-a-pull-request/).
-
-## Finding contributions to work on
-
-Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues is a great place to start.
-
-## Code of Conduct
-
-This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
-For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
-[email protected] with any additional questions or comments.
-
-## Security issue notifications
-
-If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue.
-
-## Licensing
-
-See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution.
-
-We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes.
+- Inclusion of the words like `Wazuh Indexer` or `Wazuh Dashboard` (and in reasonable cases even `plugin`) are welcome because they can increase the chance of discoverability of the repository
+- Check the plugin versioning policy is documented and help users know which versions of the plugin are compatible and recommended for specific versions of OpenSearch
+- Review [CONTRIBUTING.md](CONTRIBUTING.md) document which is by default tailored to the needs of Amazon Web Services developer teams. You might want to update or further customize specific parts related to:
+ - **Code of Conduct** (if you do not already have CoC policy then there are several options to start with, such as [Contributor Covenant](https://www.contributor-covenant.org/)),
+ - **Security Policy** (you should let users know how they can safely report security vulnerabilities),
+ - Check if you need explicit part about **Trademarks and Attributions** (if you use any registered or non-registered trademarks we recommend following applicable "trademark-use" documents provided by respective trademark owners)