From be19c70082cd8805df31726583cf8c771b170e9e Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 14 Sep 2023 12:25:57 -0300 Subject: [PATCH 01/28] remove goss install --- .github/goss/goss.yaml | 103 +++++++++++++++++++ build-docker-images/wazuh-manager/Dockerfile | 2 - 2 files changed, 103 insertions(+), 2 deletions(-) create mode 100644 .github/goss/goss.yaml diff --git a/.github/goss/goss.yaml b/.github/goss/goss.yaml new file mode 100644 index 00000000..ee81b870 --- /dev/null +++ b/.github/goss/goss.yaml @@ -0,0 +1,103 @@ +file: + /etc/filebeat/filebeat.yml: + exists: true + mode: "0644" + owner: root + group: root + filetype: file + contains: [] + /var/ossec/bin/wazuh-control: + exists: true + mode: "0750" + owner: root + group: root + filetype: file + contains: [] + /var/ossec/etc/lists/audit-keys: + exists: true + mode: "0660" + owner: wazuh + group: wazuh + filetype: file + contains: [] + /var/ossec/etc/ossec.conf: + exists: true + mode: "0660" + owner: root + group: wazuh + filetype: file + contains: [] + /var/ossec/etc/rules/local_rules.xml: + exists: true + mode: "0660" + owner: wazuh + group: wazuh + filetype: file + contains: [] + /var/ossec/etc/sslmanager.cert: + exists: true + mode: "0640" + owner: root + group: root + filetype: file + contains: [] + /var/ossec/etc/sslmanager.key: + exists: true + mode: "0640" + owner: root + group: root + filetype: file + contains: [] +package: + filebeat: + installed: true + versions: + - 7.10.2 + wazuh-manager: + installed: true + versions: + - 4.5.2-1 +port: + tcp:1514: + listening: true + ip: + - 0.0.0.0 + tcp:1515: + listening: true + ip: + - 0.0.0.0 + tcp:55000: + listening: true + ip: + - 0.0.0.0 +process: + filebeat: + running: true + wazuh-analysisd: + running: true + wazuh-authd: + running: true + wazuh-execd: + running: true + wazuh-monitord: + running: true + wazuh-remoted: + running: true + wazuh-syscheckd: + running: true + s6-supervise: + running: true + wazuh-db: + running: true + wazuh-modulesd: + running: true +user: + wazuh: + exists: true + groups: + - wazuh + home: /var/ossec + shell: /sbin/nologin +group: + wazuh: + exists: true \ No newline at end of file diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index c1894489..d0e59189 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -24,8 +24,6 @@ RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_ dpkg -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && \ curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module -RUN curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss && chmod +rx /usr/local/bin/goss - ARG S6_VERSION="v2.2.0.3" RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ -o /tmp/s6-overlay-amd64.tar.gz && \ From e9f689dbfce41f6604167d76a41a99c03f00dd91 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 14 Sep 2023 15:17:13 -0300 Subject: [PATCH 02/28] remove goss directory --- .github/goss/goss.yaml | 103 ----------------------------------------- 1 file changed, 103 deletions(-) delete mode 100644 .github/goss/goss.yaml diff --git a/.github/goss/goss.yaml b/.github/goss/goss.yaml deleted file mode 100644 index ee81b870..00000000 --- a/.github/goss/goss.yaml +++ /dev/null @@ -1,103 +0,0 @@ -file: - /etc/filebeat/filebeat.yml: - exists: true - mode: "0644" - owner: root - group: root - filetype: file - contains: [] - /var/ossec/bin/wazuh-control: - exists: true - mode: "0750" - owner: root - group: root - filetype: file - contains: [] - /var/ossec/etc/lists/audit-keys: - exists: true - mode: "0660" - owner: wazuh - group: wazuh - filetype: file - contains: [] - /var/ossec/etc/ossec.conf: - exists: true - mode: "0660" - owner: root - group: wazuh - filetype: file - contains: [] - /var/ossec/etc/rules/local_rules.xml: - exists: true - mode: "0660" - owner: wazuh - group: wazuh - filetype: file - contains: [] - /var/ossec/etc/sslmanager.cert: - exists: true - mode: "0640" - owner: root - group: root - filetype: file - contains: [] - /var/ossec/etc/sslmanager.key: - exists: true - mode: "0640" - owner: root - group: root - filetype: file - contains: [] -package: - filebeat: - installed: true - versions: - - 7.10.2 - wazuh-manager: - installed: true - versions: - - 4.5.2-1 -port: - tcp:1514: - listening: true - ip: - - 0.0.0.0 - tcp:1515: - listening: true - ip: - - 0.0.0.0 - tcp:55000: - listening: true - ip: - - 0.0.0.0 -process: - filebeat: - running: true - wazuh-analysisd: - running: true - wazuh-authd: - running: true - wazuh-execd: - running: true - wazuh-monitord: - running: true - wazuh-remoted: - running: true - wazuh-syscheckd: - running: true - s6-supervise: - running: true - wazuh-db: - running: true - wazuh-modulesd: - running: true -user: - wazuh: - exists: true - groups: - - wazuh - home: /var/ossec - shell: /sbin/nologin -group: - wazuh: - exists: true \ No newline at end of file From 2ac53b9b3d3e010b7016509fae1d1a81d7b1e523 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 15 Sep 2023 12:41:05 -0300 Subject: [PATCH 03/28] add custom directory and persistence --- build-docker-images/wazuh-dashboard/Dockerfile | 4 ++++ single-node/docker-compose.yml | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 1b95ca88..27ca9865 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -102,6 +102,10 @@ RUN chown 1000:1000 /*.sh # Copy Install dir from builder to current image COPY --from=builder --chown=1000:1000 $INSTALL_DIR $INSTALL_DIR +# Create custom directory +RUN mkdir -p /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom +RUN chown 1000:1000 /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom + # Set workdir and user WORKDIR $INSTALL_DIR USER wazuh-dashboard diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 063cf6d1..92077eb3 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -89,8 +89,9 @@ services: - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml - - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml + - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config + - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom depends_on: - wazuh.indexer links: @@ -111,3 +112,4 @@ volumes: filebeat_var: wazuh-indexer-data: wazuh-dashboard-config: + wazuh-dashboard-custom: From 37f565bb8aaa21c0d1e96381a82bcc597768b1c5 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 15 Sep 2023 12:49:32 -0300 Subject: [PATCH 04/28] add custom directory and persistence --- multi-node/docker-compose.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 4fe149a3..a83f36f8 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -168,8 +168,9 @@ services: - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml - - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml + - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config + - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom depends_on: - wazuh1.indexer links: @@ -220,3 +221,4 @@ volumes: wazuh-indexer-data-2: wazuh-indexer-data-3: wazuh-dashboard-config: + wazuh-dashboard-custom: From 0fbbf5aee2e3d7cd3849f1a35ac10d81f5d23873 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 15 Sep 2023 13:31:00 -0300 Subject: [PATCH 05/28] add shuffle scripts into permanent data --- build-docker-images/wazuh-manager/config/permanent_data.env | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build-docker-images/wazuh-manager/config/permanent_data.env b/build-docker-images/wazuh-manager/config/permanent_data.env index 0a3ebd35..5d797624 100644 --- a/build-docker-images/wazuh-manager/config/permanent_data.env +++ b/build-docker-images/wazuh-manager/config/permanent_data.env @@ -21,6 +21,8 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal.py" +PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle" +PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/default-firewall-drop" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/disable-account" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/firewalld-drop" From 7d5b1c4f85098c5d428a2b90a8f3dda0f564cc98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 22 Sep 2023 14:37:02 -0300 Subject: [PATCH 06/28] Revision Bump --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index bcd17c34..336afe81 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.6.0" -REVISION="40600" +REVISION="40601" From 5f3a0481ba5b167d2a47d06f53f9187d0c932c61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 28 Sep 2023 12:14:34 +0200 Subject: [PATCH 07/28] Bump revision to 40507 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 36832e86..24c4402c 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.5.3" -REVISION="40505" +REVISION="40507" From d5dc67e9c37897c923b660596cbd1a510ed9d24a Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 28 Sep 2023 10:37:08 -0300 Subject: [PATCH 08/28] Fixing Wazuh indexer files permissions --- build-docker-images/wazuh-indexer/config/config.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index adfae164..97fbac85 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -135,4 +135,10 @@ sed '/-Xms/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options sed '/-Xmx/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs -chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/* \ No newline at end of file +chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/* + +find ${TARGET_DIR} -type d -exec chmod 750 {} \; +find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \; +find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \; +find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \; +find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \; \ No newline at end of file From d9b053caf46bdc538c7ab6360a897ed97c146c19 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 28 Sep 2023 12:48:38 -0300 Subject: [PATCH 09/28] Testing with another dir for opensearch security policy --- build-docker-images/wazuh-indexer/config/config.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 97fbac85..24149002 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -133,6 +133,8 @@ cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin- # Delete xms and xmx parameters in jvm.options sed '/-Xms/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options sed '/-Xmx/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options +sed -i '|-Djava.security.policy=file:\/\/\/etc\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy|-Djava.security.policy=file:\/\/\/usr\/share\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy|' ${TARGET_DIR}${CONFIG_DIR}/jvm.options + chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/* From 8fa20abbbd8c717d4ceadeda6fc089ac3160b090 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 28 Sep 2023 14:29:53 -0300 Subject: [PATCH 10/28] Fixed sed command --- build-docker-images/wazuh-indexer/config/config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 24149002..00540eef 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -133,7 +133,7 @@ cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin- # Delete xms and xmx parameters in jvm.options sed '/-Xms/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options sed '/-Xmx/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options -sed -i '|-Djava.security.policy=file:\/\/\/etc\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy|-Djava.security.policy=file:\/\/\/usr\/share\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy|' ${TARGET_DIR}${CONFIG_DIR}/jvm.options +sed -i 's/-Djava.security.policy=file:\/\/\/etc\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy/-Djava.security.policy=file:\/\/\/usr\/share\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy/g' ${TARGET_DIR}${CONFIG_DIR}/jvm.options chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs From 23d34f6a8988099887a02f76c881133bf290feb4 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Mon, 2 Oct 2023 08:27:49 -0300 Subject: [PATCH 11/28] Fixed OpenSearch security plugin warnings --- build-docker-images/wazuh-indexer/config/config.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 00540eef..7d9dc129 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -143,4 +143,14 @@ find ${TARGET_DIR} -type d -exec chmod 750 {} \; find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \; find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \; find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \; -find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \; \ No newline at end of file +find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \; + +chmod -R 0700 ${TARGET_DIR}/.cache +chmod 0700 ${TARGET_DIR}/extensions +chmod 0700 ${TARGET_DIR}/logs +chmod 0600 ${TARGET_DIR}/opensearch.yml +find ${TARGET_DIR}/bin -type f -exec chmod 0600 {} \; +find ${TARGET_DIR}/jdk/bin -type f -exec chmod 0600 {} \; +chmod 0600 ${TARGET_DIR}/opensearch-security/internal_users.yml +find ${TARGET_DIR}/performance-analyzer-rca/bin -type f -exec chmod 0600 {} \; +chmod 0600 ${TARGET_DIR}/plugins/opensearch-security/tools/wazuh-certs-tool.sh From 905b4de859b01ee7ef557e0143d7f4b53a3524cc Mon Sep 17 00:00:00 2001 From: c-bordon Date: Mon, 2 Oct 2023 08:49:17 -0300 Subject: [PATCH 12/28] Testing change permissions in entrypoint --- build-docker-images/wazuh-indexer/config/config.sh | 10 ---------- .../wazuh-indexer/config/entrypoint.sh | 14 ++++++++++++++ 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 7d9dc129..30f5d1f2 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -144,13 +144,3 @@ find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \; find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \; find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \; find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \; - -chmod -R 0700 ${TARGET_DIR}/.cache -chmod 0700 ${TARGET_DIR}/extensions -chmod 0700 ${TARGET_DIR}/logs -chmod 0600 ${TARGET_DIR}/opensearch.yml -find ${TARGET_DIR}/bin -type f -exec chmod 0600 {} \; -find ${TARGET_DIR}/jdk/bin -type f -exec chmod 0600 {} \; -chmod 0600 ${TARGET_DIR}/opensearch-security/internal_users.yml -find ${TARGET_DIR}/performance-analyzer-rca/bin -type f -exec chmod 0600 {} \; -chmod 0600 ${TARGET_DIR}/plugins/opensearch-security/tools/wazuh-certs-tool.sh diff --git a/build-docker-images/wazuh-indexer/config/entrypoint.sh b/build-docker-images/wazuh-indexer/config/entrypoint.sh index 2acb4aa0..e4ff811e 100644 --- a/build-docker-images/wazuh-indexer/config/entrypoint.sh +++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh @@ -13,6 +13,20 @@ export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filep export CERT="${OPENSEARCH_PATH_CONF}/certs/admin.pem" export KEY="${OPENSEARCH_PATH_CONF}/certs/admin-key.pem" + +# Fix OpenSearch security plugin permissions + +chmod -R 0700 ${TARGET_DIR}/.cache +chmod 0700 ${TARGET_DIR}/extensions +chmod 0700 ${TARGET_DIR}/logs +chmod 0600 ${TARGET_DIR}/opensearch.yml +find ${TARGET_DIR}/bin -type f -exec chmod 0600 {} \; +find ${TARGET_DIR}/jdk/bin -type f -exec chmod 0600 {} \; +chmod 0600 ${TARGET_DIR}/opensearch-security/internal_users.yml +find ${TARGET_DIR}/performance-analyzer-rca/bin -type f -exec chmod 0600 {} \; +chmod 0600 ${TARGET_DIR}/plugins/opensearch-security/tools/wazuh-certs-tool.sh + + run_as_other_user_if_needed() { if [[ "$(id -u)" == "0" ]]; then # If running as root, drop to specified UID and run command From c3c8ea3d0235996b5b3c05bf5a0c77d0fadd02e4 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 3 Oct 2023 12:20:17 -0300 Subject: [PATCH 13/28] Changing files permissions --- build-docker-images/wazuh-indexer/config/config.sh | 7 +++++++ .../wazuh-indexer/config/entrypoint.sh | 14 -------------- 2 files changed, 7 insertions(+), 14 deletions(-) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 30f5d1f2..4d51efc3 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -144,3 +144,10 @@ find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \; find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \; find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \; find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \; + + +# Fix OpenSearch security plugin permissions +chown ${USER}:${GROUP} ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/internal_users.yml +chown ${USER}:${GROUP} ${TARGET_DIR}${CONFIG_DIR}/opensearch.yml +chmod 0600 ${TARGET_DIR}${CONFIG_DIR}/opensearch.yml +chmod 0600 ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/internal_users.yml \ No newline at end of file diff --git a/build-docker-images/wazuh-indexer/config/entrypoint.sh b/build-docker-images/wazuh-indexer/config/entrypoint.sh index e4ff811e..2acb4aa0 100644 --- a/build-docker-images/wazuh-indexer/config/entrypoint.sh +++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh @@ -13,20 +13,6 @@ export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filep export CERT="${OPENSEARCH_PATH_CONF}/certs/admin.pem" export KEY="${OPENSEARCH_PATH_CONF}/certs/admin-key.pem" - -# Fix OpenSearch security plugin permissions - -chmod -R 0700 ${TARGET_DIR}/.cache -chmod 0700 ${TARGET_DIR}/extensions -chmod 0700 ${TARGET_DIR}/logs -chmod 0600 ${TARGET_DIR}/opensearch.yml -find ${TARGET_DIR}/bin -type f -exec chmod 0600 {} \; -find ${TARGET_DIR}/jdk/bin -type f -exec chmod 0600 {} \; -chmod 0600 ${TARGET_DIR}/opensearch-security/internal_users.yml -find ${TARGET_DIR}/performance-analyzer-rca/bin -type f -exec chmod 0600 {} \; -chmod 0600 ${TARGET_DIR}/plugins/opensearch-security/tools/wazuh-certs-tool.sh - - run_as_other_user_if_needed() { if [[ "$(id -u)" == "0" ]]; then # If running as root, drop to specified UID and run command From b22fa235c7f88bf55a0bff3e1e0cd3cc33b8eb99 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 3 Oct 2023 15:52:25 -0300 Subject: [PATCH 14/28] Updated build image script --- .env | 3 + build-docker-images/build-images.sh | 127 ++++++++++++++++-- .../wazuh-dashboard/Dockerfile | 2 +- build-docker-images/wazuh-manager/Dockerfile | 6 +- 4 files changed, 125 insertions(+), 13 deletions(-) diff --git a/.env b/.env index d51cc0c4..058409f9 100755 --- a/.env +++ b/.env @@ -1,3 +1,6 @@ WAZUH_VERSION=4.6.0 WAZUH_IMAGE_VERSION=4.6.0 WAZUH_TAG_REVISION=1 +FILEBEAT_TEMPLATE_BRANCH=v4.6.0 +WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.2.tar.gz +WAZUH_UI_REVISION=1 diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index a7b3ca46..79e56bc7 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -1,11 +1,120 @@ -WAZUH_IMAGE_VERSION=4.6.0 -WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g') -WAZUH_TAG_REVISION=1 -WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') -IMAGE_VERSION=${WAZUH_IMAGE_VERSION} +#!/bin/bash -echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env -echo WAZUH_IMAGE_VERSION=$IMAGE_VERSION >> .env -echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> .env +# Wazuh package generator +# Copyright (C) 2023, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. -docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache \ No newline at end of file +WAZUH_IMAGE_VERSION="4.6.0" +WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')" +WAZUH_TAG_REVISION="1" +WAZUH_DEV_STAGE="" +FILEBEAT_TEMPLATE_BRANCH="v${WAZUH_IMAGE_VERSION}" +FILEBEAT_MODULE_VERSION="0.2" +WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz" +WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}" + +# ----------------------------------------------------------------------------- + +trap ctrl_c INT + +clean() { + exit_code=$1 + + exit ${exit_code} +} + +ctrl_c() { + clean 1 +} + +# ----------------------------------------------------------------------------- + + +build() { + + if [ "${WAZUH_DEV_STAGE}" ];then + FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" + fi + echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env + echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> .env + echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> .env + echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> .env + echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> .env + echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env + + docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache + + return 0 +} + +# ----------------------------------------------------------------------------- + +help() { + echo + echo "Usage: $0 [OPTIONS]" + echo + echo " -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default." + echo " -f, --filebeat-module [Optional] Set Filebeat module version. By default ${FILEBEAT_MODULE_VERSION}." + echo " -r, --revision [Optional] Package revision. By default ${WAZUH_TAG_REVISION}" + echo " -v, --version [Optional] Set the Wazuh version should be builded. By default, ${WAZUH_IMAGE_VERSION}." + echo " -h, --help Show this help." + echo + exit $1 +} + +# ----------------------------------------------------------------------------- + +main() { + while [ -n "${1}" ] + do + case "${1}" in + "-h"|"--help") + help 0 + ;; + "-d"|"--dev") + if [ -n "${2}" ]; then + WAZUH_DEV_STAGE="${2}" + shift 2 + else + help 1 + fi + ;; + "-f"|"--filebeat-module") + if [ -n "${2}" ]; then + FILEBEAT_MODULE_VERSION="${2}" + shift 2 + else + help 1 + fi + ;; + "-r"|"--revision") + if [ -n "${2}" ]; then + WAZUH_TAG_REVISION="${2}" + shift 2 + else + help 1 + fi + ;; + "-v"|"--version") + if [ -n "$2" ]; then + WAZUH_IMAGE_VERSION="$2" + shift 2 + else + help 1 + fi + ;; + *) + help 1 + esac + done + + build || clean 1 + + clean 0 +} + +main "$@" \ No newline at end of file diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index ef571d5c..44430b10 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -4,7 +4,7 @@ FROM ubuntu:focal AS builder ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION ARG INSTALL_DIR=/usr/share/wazuh-dashboard -ARG WAZUH_UI_REVISION=1 +ARG WAZUH_UI_REVISION # Update and install dependencies RUN apt-get update && apt install curl libcap2-bin xz-utils -y diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 28a6e7b2..878a07a2 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -5,10 +5,10 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION -ARG TEMPLATE_VERSION=v4.6.0 +ARG FILEBEAT_TEMPLATE_BRANCH ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz" +ARG WAZUH_FILEBEAT_MODULE RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y @@ -38,7 +38,7 @@ COPY config/filebeat.yml /etc/filebeat/ RUN chmod go-w /etc/filebeat/filebeat.yml -ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat +ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat RUN chmod go-w /etc/filebeat/wazuh-template.json # Prepare permanent data From 3fd3f423896b0e1cd2b16155955c509522dd6c39 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 3 Oct 2023 16:43:30 -0300 Subject: [PATCH 15/28] Added check for wazuh/wazuh branch --- build-docker-images/build-images.sh | 13 +++++++++++-- build-docker-images/build-images.yml | 3 +++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 79e56bc7..6fd36d36 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -12,7 +12,7 @@ WAZUH_IMAGE_VERSION="4.6.0" WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" -FILEBEAT_TEMPLATE_BRANCH="v${WAZUH_IMAGE_VERSION}" +FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}" FILEBEAT_MODULE_VERSION="0.2" WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz" WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}" @@ -37,8 +37,17 @@ ctrl_c() { build() { if [ "${WAZUH_DEV_STAGE}" ];then - FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" + FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" + else + if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then + FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}" + elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then + FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}" + else + echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" + fi fi + echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> .env echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> .env diff --git a/build-docker-images/build-images.yml b/build-docker-images/build-images.yml index 52984bf9..90fbb897 100644 --- a/build-docker-images/build-images.yml +++ b/build-docker-images/build-images.yml @@ -8,6 +8,8 @@ services: args: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} + FILEBEAT_TEMPLATE_BRANCH: ${FILEBEAT_TEMPLATE_BRANCH} + WAZUH_FILEBEAT_MODULE: ${WAZUH_FILEBEAT_MODULE} image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION} hostname: wazuh.manager restart: always @@ -61,6 +63,7 @@ services: args: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} + WAZUH_UI_REVISION: ${WAZUH_UI_REVISION} image: wazuh/wazuh-dashboard:${WAZUH_IMAGE_VERSION} hostname: wazuh.dashboard restart: always From 36c06dc4c8743dc4fb79792f5946df211947e295 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 3 Oct 2023 16:54:43 -0300 Subject: [PATCH 16/28] Added validation for dev branch --- build-docker-images/build-images.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 6fd36d36..9ddc0c6c 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -38,6 +38,10 @@ build() { if [ "${WAZUH_DEV_STAGE}" ];then FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" + if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then + echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" + clean 1 + fi else if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}" @@ -45,6 +49,7 @@ build() { FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}" else echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" + clean 1 fi fi From 545ef6851b3a80742d44d54ce5faa71de9763a25 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 3 Oct 2023 16:59:08 -0300 Subject: [PATCH 17/28] Fixed validation --- build-docker-images/build-images.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 9ddc0c6c..d521bd05 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -38,7 +38,7 @@ build() { if [ "${WAZUH_DEV_STAGE}" ];then FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" - if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then + if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" clean 1 fi From e205c87d3763eb27cc356a89fe41fd311966d439 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 4 Oct 2023 08:35:45 -0300 Subject: [PATCH 18/28] .env file updated --- .env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.env b/.env index 058409f9..15a61adb 100755 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ WAZUH_VERSION=4.6.0 WAZUH_IMAGE_VERSION=4.6.0 WAZUH_TAG_REVISION=1 -FILEBEAT_TEMPLATE_BRANCH=v4.6.0 +FILEBEAT_TEMPLATE_BRANCH=4.6.0 WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.2.tar.gz WAZUH_UI_REVISION=1 From a2ee29bfd33824826c455007c5cd16187da5c89c Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 4 Oct 2023 09:36:08 -0300 Subject: [PATCH 19/28] Updated file permissions to have the same permissions as in package installation in Wazuh indexer --- build-docker-images/wazuh-indexer/config/config.sh | 7 ------- 1 file changed, 7 deletions(-) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 4d51efc3..30f5d1f2 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -144,10 +144,3 @@ find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \; find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \; find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \; find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \; - - -# Fix OpenSearch security plugin permissions -chown ${USER}:${GROUP} ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/internal_users.yml -chown ${USER}:${GROUP} ${TARGET_DIR}${CONFIG_DIR}/opensearch.yml -chmod 0600 ${TARGET_DIR}${CONFIG_DIR}/opensearch.yml -chmod 0600 ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/internal_users.yml \ No newline at end of file From 7172c818c7b47c6f5530a4db36e89a6137ab1f17 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 4 Oct 2023 11:16:04 -0300 Subject: [PATCH 20/28] Update order of variables --- .env | 6 +++--- build-docker-images/build-images.sh | 9 +++++---- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/.env b/.env index 15a61adb..89f10a31 100755 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ -WAZUH_VERSION=4.6.0 -WAZUH_IMAGE_VERSION=4.6.0 +WAZUH_VERSION=4.5.3 +WAZUH_IMAGE_VERSION=4.5.3 WAZUH_TAG_REVISION=1 -FILEBEAT_TEMPLATE_BRANCH=4.6.0 +FILEBEAT_TEMPLATE_BRANCH=v4.5.3-rc2 WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.2.tar.gz WAZUH_UI_REVISION=1 diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index d521bd05..6e14ed71 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -9,13 +9,9 @@ # Foundation. WAZUH_IMAGE_VERSION="4.6.0" -WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" -FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}" FILEBEAT_MODULE_VERSION="0.2" -WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz" -WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}" # ----------------------------------------------------------------------------- @@ -36,6 +32,11 @@ ctrl_c() { build() { + WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')" + FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}" + WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz" + WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}" + if [ "${WAZUH_DEV_STAGE}" ];then FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then From 893796c4a236552f929a5cb910adae761b9c8e22 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 4 Oct 2023 11:41:22 -0300 Subject: [PATCH 21/28] Restore .env file --- .env | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.env b/.env index 89f10a31..d51cc0c4 100755 --- a/.env +++ b/.env @@ -1,6 +1,3 @@ -WAZUH_VERSION=4.5.3 -WAZUH_IMAGE_VERSION=4.5.3 +WAZUH_VERSION=4.6.0 +WAZUH_IMAGE_VERSION=4.6.0 WAZUH_TAG_REVISION=1 -FILEBEAT_TEMPLATE_BRANCH=v4.5.3-rc2 -WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.2.tar.gz -WAZUH_UI_REVISION=1 From 8ac3ea1e8a2526d1e67dfa353c7270a772eea40a Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 4 Oct 2023 11:44:00 -0300 Subject: [PATCH 22/28] Added final space --- build-docker-images/build-images.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 6e14ed71..e6044bf8 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -132,4 +132,4 @@ main() { clean 0 } -main "$@" \ No newline at end of file +main "$@" From 1b41068618265ccd8b951cbc7cb92a0b4971895a Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 4 Oct 2023 11:55:39 -0300 Subject: [PATCH 23/28] Updated README file --- build-docker-images/README.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/build-docker-images/README.md b/build-docker-images/README.md index 13f1c9bf..a62978ac 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md @@ -9,3 +9,24 @@ $ build-docker-images/build-images.sh ``` This script initializes the environment variables needed to build each of the images. + +The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: + +``` +$ build-docker-images/build-images.sh -v 4.5.2 +``` + +To get all the available script options use the -h or --help option: + +``` +$ build-docker-images/build-images.sh -h + +Usage: build-docker-images/build-images.sh [OPTIONS] + + -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. + -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.2. + -r, --revision [Optional] Package revision. By default 1 + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.6.0. + -h, --help Show this help. + +``` \ No newline at end of file From c550c1a852af262aca6131b7f78ed40c3b4dcefc Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 4 Oct 2023 12:29:15 -0300 Subject: [PATCH 24/28] Added validation for version in master branch --- build-docker-images/build-images.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index e6044bf8..d441cd9e 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -49,8 +49,13 @@ build() { elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}" else - echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" - clean 1 + WAZUH_MASTER_VERSION="$(curl -s https://raw.githubusercontent.com/wazuh/wazuh/master/src/VERSION | sed -e 's/v//g')" + if [ "${FILEBEAT_TEMPLATE_BRANCH}" == "${WAZUH_MASTER_VERSION}" ]; then + FILEBEAT_TEMPLATE_BRANCH="master" + else + echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" + clean 1 + fi fi fi From 61bfe584912ffe4a4094d6d168363a542d802495 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 4 Oct 2023 15:38:39 -0300 Subject: [PATCH 25/28] Changed validation order for wazuh branch --- build-docker-images/build-images.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index d441cd9e..f147497a 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -44,10 +44,10 @@ build() { clean 1 fi else - if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then - FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}" - elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then + if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}" + elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then + FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}" else WAZUH_MASTER_VERSION="$(curl -s https://raw.githubusercontent.com/wazuh/wazuh/master/src/VERSION | sed -e 's/v//g')" if [ "${FILEBEAT_TEMPLATE_BRANCH}" == "${WAZUH_MASTER_VERSION}" ]; then From d7e051af19168360aa6e5e7fafc94b1fc814184c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 5 Oct 2023 11:44:40 -0300 Subject: [PATCH 26/28] Bump 4.5.3 revision --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 24c4402c..e0b03686 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.5.3" -REVISION="40507" +REVISION="40508" From 64f083631d39dfa3a5d4fda89927ab717f37be4e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 6 Oct 2023 14:11:05 +0200 Subject: [PATCH 27/28] Bump revision to 40602 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 336afe81..d6b11e18 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.6.0" -REVISION="40601" +REVISION="40602" From 5aaeb0d944647c055eea49de46ba2855f6877c70 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 9 Oct 2023 06:34:35 -0300 Subject: [PATCH 28/28] Updated version in new builder script --- build-docker-images/README.md | 2 +- build-docker-images/build-images.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build-docker-images/README.md b/build-docker-images/README.md index a62978ac..10ba48d0 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.2. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.6.0. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.7.1. -h, --help Show this help. ``` \ No newline at end of file diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 092cdc67..611b065a 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -12,7 +12,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} # License (version 2) as published by the FSF - Free Software # Foundation. -WAZUH_IMAGE_VERSION="4.6.0" +WAZUH_IMAGE_VERSION="4.7.1" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" FILEBEAT_MODULE_VERSION="0.2"