wazuh · Tostti · Jan 2, 2024 · Dec 22, 2023 · Dec 22, 2023 · Dec 26, 2023
diff --git a/.github/workflows/build_wazuh_dashboard_with_plugins.yml b/.github/workflows/build_wazuh_dashboard_with_plugins.yml
@@ -210,3 +210,73 @@ jobs:
           name: wazuh-dashboard-${{ env.VERSION }}-${{ env.REVISION }}.x86_64.rpm
           path: ${{ env.CURRENT_DIR }}/dev-tools/build-packages/rpm/output/wazuh-dashboard-${{ env.VERSION }}-${{ env.REVISION }}.x86_64.rpm
           retention-days: 30
+
+
+  test-package-deb:
+    needs: [build-deb-package]
+    runs-on: ubuntu-latest
+    name: Test packages
+    strategy:
+      fail-fast: false
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Setup variables
+        run: |
+          echo "CURRENT_DIR=$(pwd -P)" >> $GITHUB_ENV
+          echo "VERSION=$(yarn --silent wzd-version)" >> $GITHUB_ENV
+          echo "REVISION=$(yarn --silent wzd-revision)" >> $GITHUB_ENV
+
+      - name: Download deb package
+        uses: actions/download-artifact@v3
+        with:
+          name: wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64.deb
+          path: ${{ env.CURRENT_DIR }}/dev-tools/test-packages/deb
+
+      - name: Run test
+        run: |
+          cd ${{ env.CURRENT_DIR }}/dev-tools/test-packages
+          bash ./test-packages.sh \
+            -p wazuh-dashboard_${{ env.VERSION }}-${{ env.REVISION }}_amd64.deb
+
+
+  test-package-rpm:
+    needs: [build-rpm-package]
+    runs-on: ubuntu-latest
+    name: Test packages
+    strategy:
+      fail-fast: false
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Setup variables
+        run: |
+          echo "CURRENT_DIR=$(pwd -P)" >> $GITHUB_ENV
+          echo "VERSION=$(yarn --silent wzd-version)" >> $GITHUB_ENV
+          echo "REVISION=$(yarn --silent wzd-revision)" >> $GITHUB_ENV
+
+      - name: Download rpm package
+        uses: actions/download-artifact@v3
+        with:
+          name: wazuh-dashboard-${{ env.VERSION }}-${{ env.REVISION }}.x86_64.rpm
+          path: ${{ env.CURRENT_DIR }}/dev-tools/test-packages/rpm
+
+      - name: Run test
+        run: |
+          cd ${{ env.CURRENT_DIR }}/dev-tools/test-packages
+          bash ./test-packages.sh \
+            -p wazuh-dashboard-${{ env.VERSION }}-${{ env.REVISION }}.x86_64.rpm
diff --git a/dev-tools/test-packages/deb/Dockerfile b/dev-tools/test-packages/deb/Dockerfile
@@ -0,0 +1,7 @@
+FROM ubuntu:latest
+ARG PACKAGE
+RUN mkdir -p /tmp
+RUN apt-get update --fix-missing
+RUN apt-get install -y curl libcap2-bin
+COPY ${PACKAGE} /tmp/wazuh.deb
+RUN dpkg -i /tmp/wazuh.deb
diff --git a/dev-tools/test-packages/rpm/Dockerfile b/dev-tools/test-packages/rpm/Dockerfile
@@ -0,0 +1,11 @@
+FROM centos:latest
+
+RUN mkdir -p /tmp
+FROM centos
+ARG PACKAGE
+RUN cd /etc/yum.repos.d/
+RUN sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
+RUN sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
+RUN yum update -y
+COPY ${PACKAGE} /tmp/wazuh.rpm
+RUN yum install /tmp/wazuh.rpm -y
diff --git a/dev-tools/test-packages/test-packages.sh b/dev-tools/test-packages/test-packages.sh
@@ -0,0 +1,169 @@
+#!/bin/sh
+
+# Package name
+PACKAGE=""
+# Container name
+CONTAINER_NAME="wazuh-dashboard"
+# Files to check
+FILES="/etc/wazuh-dashboard/opensearch_dashboards.yml /usr/share/wazuh-dashboard"
+# Owner of the files
+FILE_OWNER="wazuh-dashboard"
+
+# Remove container and image
+clean() {
+  docker stop $CONTAINER_NAME
+  docker rmi $CONTAINER_NAME
+}
+
+# Check if files exist and are owned by wazuh-dashboard
+files_exist() {
+  for FILE in $FILES; do
+    if docker exec $CONTAINER_NAME ls $FILE >/dev/null 2>&1; then
+      file_owner=$(docker exec $CONTAINER_NAME stat -c '%U' $FILE)
+      if [ "$file_owner" != "$FILE_OWNER" ]; then
+        echo "ERROR: $FILE is owned by $file_owner instead of $FILE_OWNER"
+        clean
+        exit 1
+      fi
+      echo "$FILE exist and is owned by $FILE_OWNER"
+    else
+      echo "ERROR: $FILE does not exist"
+      clean
+      exit 1
+    fi
+  done
+}
+
+# Check if opensearch_dashboards.yml is the same as the one in the package
+check_opensearch_dashboard_yml() {
+  docker cp ../../config/opensearch_dashboards.prod.yml $CONTAINER_NAME:/tmp/opensearch_dashboards.yml
+
+  diff_opensearch_dashboard_yml=$(docker exec $CONTAINER_NAME diff /etc/wazuh-dashboard/opensearch_dashboards.yml /tmp/opensearch_dashboards.yml)
+
+  if [ -n "$diff_opensearch_dashboard_yml" ]; then
+    echo "ERROR: opensearch_dashboards.yml is not the same as the one in the package"
+    echo $diff_opensearch_dashboard_yml
+    clean
+    exit 1
+  fi
+  echo $(docker exec $CONTAINER_NAME diff /etc/wazuh-dashboard/opensearch_dashboards.yml /tmp/opensearch_dashboards.yml)
+  echo "opensearch_dashboards.yml is the same as the one in the package"
+}
+
+# Check if metadata is correct for deb packages
+check_metadata_deb() {
+
+  IFS='_' read -r -a arrayNameFile <<< "$PACKAGE"
+  metadataVersion=$(docker exec $CONTAINER_NAME apt show wazuh-dashboard | grep Version | awk '{print $2}')
+  metadataPackage=$(docker exec $CONTAINER_NAME apt show wazuh-dashboard | grep Package | awk '{print $2}')
+  metadataStatus=$(docker exec $CONTAINER_NAME apt show wazuh-dashboard | grep Status)
+
+  # Check if metadata is correct
+  if [ "${arrayNameFile[1]}" != "$metadataVersion" ]; then
+    echo "ERROR: metadata version is not the same as the one in the package"
+    echo "metadata version: $metadataVersion"
+    echo "package version: ${arrayNameFile[1]}"
+    clean
+    exit 1
+  elif [ "${arrayNameFile[0]}" != "$metadataPackage" ]; then
+    echo "ERROR: metadata package is not the same as the one in the package"
+    echo "metadata package: $metadataPackage"
+    echo "package package: ${arrayNameFile[0]}"
+    clean
+    exit 1
+  elif [ "$metadataStatus" != "Status: install ok installed" ]; then
+    echo "ERROR: metadata status is not 'Status: install ok installed'"
+    echo "metadata status: $metadataStatus"
+    clean
+    exit 1
+  fi
+
+  echo "metadata version is correct: $metadataVersion"
+  echo "metadata package is correct: $metadataPackage"
+  echo "metadata status is $metadataStatus"
+}
+
+check_metadata_rpm() {
+  metadataVersion=$(docker exec $CONTAINER_NAME rpm -q --qf '%{VERSION}-%{RELEASE}' wazuh-dashboard)
+  metadataPackage=$(docker exec $CONTAINER_NAME rpm -q --qf '%{NAME}' wazuh-dashboard)
+
+  # Check if metadata is correct
+  if [[ $PACKAGE != *"$metadataVersion"* ]]; then
+    echo "ERROR: metadata version is not the same as the one in the package"
+    echo "metadata version: $metadataVersion"
+    echo "package version: $PACKAGE"
+    clean
+    exit 1
+  elif [[ $PACKAGE != "$metadataPackage"* ]]; then
+    echo "ERROR: metadata package is not the same as the one in the package"
+    echo "metadata package: $metadataPackage"
+    echo "package package: $PACKAGE"
+    clean
+    exit 1
+  fi
+
+  echo "metadata version is correct: $metadataVersion"
+  echo "metadata package is correct: $metadataPackage"
+}
+
+# Run test
+test() {
+
+  if [[ $PACKAGE == *".deb" ]]; then
+    docker build --build-arg PACKAGE=$PACKAGE -t $CONTAINER_NAME ./deb/
+    docker run -it --rm -d --name $CONTAINER_NAME $CONTAINER_NAME
+    check_metadata_deb
+  elif [[ $PACKAGE == *".rpm" ]]; then
+    docker build --build-arg PACKAGE=$PACKAGE -t $CONTAINER_NAME ./rpm/
+    docker run -it --rm -d --name $CONTAINER_NAME $CONTAINER_NAME
+    check_metadata_rpm
+  else
+    echo "ERROR: $PACKAGE is not a valid package (valid packages are .deb and .rpm ))"
+    exit 1
+  fi
+
+  files_exist
+
+  check_opensearch_dashboard_yml
+}
+
+# Show help
+help() {
+  echo
+  echo "Usage: $0 [OPTIONS]"
+  echo
+  echo "    -p, --package <path>       Set Wazuh Dashboard rpm package name,which has to be in the <repository>/dev-tools/test-packages/<DISTRIBUTION>/ folder."
+  echo
+  exit $1
+}
+
+main() {
+  while [ -n "${1}" ]; do
+    case "${1}" in
+    "-h" | "--help")
+      help 0
+      ;;
+    "-p" | "--package")
+      if [ -n "${2}" ]; then
+        PACKAGE="${2}"
+        shift 2
+      else
+        help 1
+      fi
+      ;;
+    *)
+      help 1
+      ;;
+    esac
+  done
+
+  if [ -z "$PACKAGE" ] ; then
+    help 1
+  fi
+
+  test
+
+  clean
+}
+
+main "$@"