ensure nginx-agent is installed on WAF images (#6107)

.github/workflows/build-base-images.yml

@@ -213,6 +213,8 @@ jobs:
         run: |
           [[ "${{ matrix.nap_modules }}" == "waf,dos" ]] && modules="waf-dos" || modules="${{ matrix.nap_modules }}"
           echo "modules=${modules}" >> $GITHUB_OUTPUT
+          [[ "${{ matrix.nap_modules }}" =~ waf ]] && agent="true" || agent="false"
+          echo "agent=${agent}" >> $GITHUB_OUTPUT
         if: ${{ matrix.nap_modules != '' }}
 
       - name: Docker meta
@@ -242,6 +244,7 @@ jobs:
             BUILD_OS=${{ matrix.image }}
             IC_VERSION=${{ needs.checks.outputs.ic_version }}
             NAP_MODULES=${{ matrix.nap_modules }}
+            ${{ contains(matrix.nap_modules,'waf') && format('NGINX_AGENT={0}', steps.nap_modules.outputs.agent) || '' }}
           secrets: |
             "nginx-repo.crt=${{ secrets.NGINX_AP_CRT }}"
             "nginx-repo.key=${{ secrets.NGINX_AP_KEY }}"

.github/workflows/build-plus.yml

@@ -80,9 +80,11 @@ jobs:
         id: nap_modules
         run: |
           [[ "${{ inputs.nap-modules }}" == "waf,dos" ]] && modules="waf-dos" || name="${{ inputs.nap-modules }}"
+          echo "name=${name}" >> $GITHUB_OUTPUT
           [[ "${{ inputs.nap-modules }}" == "waf,dos" ]] && modules="both" || modules="${{ inputs.nap-modules }}"
           echo "modules=${modules}" >> $GITHUB_OUTPUT
-          echo "name=${name}" >> $GITHUB_OUTPUT
+          [[ "${{ inputs.nap-modules }}" =~ waf ]] && agent="true" || agent="false"
+          echo "agent=${agent}" >> $GITHUB_OUTPUT
         if: ${{ inputs.nap-modules != '' }}
 
       - name: Docker meta
@@ -143,6 +145,7 @@ jobs:
             BUILD_OS=${{ inputs.image }}
             IC_VERSION=${{ inputs.ic-version && inputs.ic-version || steps.meta.outputs.version }}
             ${{ inputs.nap-modules != '' && format('NAP_MODULES={0}', steps.nap_modules.outputs.name) || '' }}
+            ${{ contains(inputs.nap-modules,'waf') && format('NGINX_AGENT={0}', steps.nap_modules.outputs.agent) || '' }}
           secrets: |
             "nginx-repo.crt=${{ inputs.nap-modules != '' && secrets.NGINX_AP_CRT || secrets.NGINX_CRT }}"
             "nginx-repo.key=${{ inputs.nap-modules != '' && secrets.NGINX_AP_KEY || secrets.NGINX_KEY }}"
@@ -187,6 +190,7 @@ jobs:
             ${{ inputs.authenticated && format('PREBUILT_BASE_IMG={0}', steps.base_name.outputs.image ) }}
             IC_VERSION=${{ inputs.ic-version && inputs.ic-version || steps.meta.outputs.version }}
             ${{ inputs.nap-modules != '' && format('NAP_MODULES={0}', steps.nap_modules.outputs.name) || '' }}
+            ${{ contains(inputs.nap-modules,'waf') && format('NGINX_AGENT={0}', steps.nap_modules.outputs.agent) || '' }}
             ${{ (contains(inputs.target, 'aws') && inputs.nap-modules != '') && format('NAP_MODULES_AWS={0}', steps.nap_modules.outputs.modules) || '' }}
             ${{ contains(inputs.image, 'v5') && 'WAF_VERSION=v5' || '' }}
           secrets: |

.github/workflows/setup-smoke.yml

@@ -88,6 +88,8 @@ jobs:
         run: |
           [[ "${{ inputs.nap-modules }}" == "waf,dos" ]] && modules="waf-dos" || modules="${{ inputs.nap-modules }}"
           echo "modules=${modules}" >> $GITHUB_OUTPUT
+          [[ "${{ inputs.nap-modules }}" =~ waf ]] && agent="true" || agent="false"
+          echo "agent=${agent}" >> $GITHUB_OUTPUT
         if: ${{ inputs.nap-modules }}
 
       - name: Pull build image
@@ -137,6 +139,7 @@ jobs:
             BUILD_OS=${{ inputs.image }}
             IC_VERSION=CI
             ${{ contains(inputs.image, 'nap') && format('NAP_MODULES={0}', steps.nap_modules.outputs.modules) || '' }}
+            ${{ contains(inputs.nap-modules,'waf') && format('NGINX_AGENT={0}', steps.nap_modules.outputs.agent) || '' }}
             ${{ contains(inputs.marker, 'appprotect') && 'DEBIAN_VERSION=buster-slim' || '' }}
           secrets: |
             ${{ contains(inputs.image, 'nap') && format('"nginx-repo.crt={0}"', secrets.NGINX_AP_CRT) || format('"nginx-repo.crt={0}"', secrets.NGINX_CRT) }}