From c817edd8de4754e20a7be25113fae56c2dab5ae5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 27 Aug 2024 12:00:53 +0200 Subject: [PATCH 001/126] Changed automation reference input parameter --- .github/workflows/Test_installation_assistant.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 6393629..67b08e0 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -21,9 +21,9 @@ on: - staging - pre-release AUTOMATION_REFERENCE: - description: 'wazuh-automation reference' + description: 'Branch or tag of the wazuh-automation repository' required: true - default: 'v4.10.0' + default: '4.10.0' SYSTEM: description: 'Operating System' required: true @@ -59,4 +59,4 @@ jobs: steps: - name: Set up Git - uses: actions/checkout@v3 + uses: actions/checkout@v3 \ No newline at end of file From aadf48730d87c8b110a127d8c839291f2898bc10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 27 Aug 2024 12:02:26 +0200 Subject: [PATCH 002/126] Fixed runs-on parameter --- .github/workflows/Test_installation_assistant.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 67b08e0..22362df 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -51,11 +51,13 @@ on: type: boolean env: - LABEL: ubuntu-latest + COMPOSITE_NAME: "linux-SUBNAME-amd64" + SESSION_NAME: "Installation-Assistant-Test" + REGION: "us-east-1" jobs: initialize-environment: - runs-on: $LABEL + runs-on: ubuntu-latest steps: - name: Set up Git From 058150ade3452349793d6248cd7f179ecf8deeed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 27 Aug 2024 12:04:48 +0200 Subject: [PATCH 003/126] Added view parameters step --- .github/workflows/Test_installation_assistant.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 22362df..fc7dbb9 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -60,5 +60,8 @@ jobs: runs-on: ubuntu-latest steps: - - name: Set up Git - uses: actions/checkout@v3 \ No newline at end of file + - name: Checkout code + uses: actions/checkout@v4 + + - name: View parameters + run: echo "${{ toJson(inputs) }}" From b719d82a7afa8686ec7215c7813e7396b421f5a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 27 Aug 2024 12:08:10 +0200 Subject: [PATCH 004/126] Added composite name variable set --- .../workflows/Test_installation_assistant.yml | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index fc7dbb9..cd842e6 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -65,3 +65,42 @@ jobs: - name: View parameters run: echo "${{ toJson(inputs) }}" + + - name: Set COMPOSITE_NAME variable + run: | + case "${{ inputs.SYSTEM }}" in + "CentOS 7") + SUBNAME="centos-7" + ;; + "CentOS 8") + SUBNAME="centos-8" + ;; + "Amazon Linux 2") + SUBNAME="amazon-2" + ;; + "Ubuntu 16") + SUBNAME="ubuntu-16.04" + ;; + "Ubuntu 18") + SUBNAME="ubuntu-18.04" + ;; + "Ubuntu 20") + SUBNAME="ubuntu-20.04" + ;; + "Ubuntu 22") + SUBNAME="ubuntu-22.04" + ;; + "RHEL7") + SUBNAME="redhat-7" + ;; + "RHEL8") + SUBNAME="redhat-8" + ;; + *) + echo "Invalid SYSTEM selection" >&2 + exit 1 + ;; + esac + COMPOSITE_NAME="${COMPOSITE_NAME/SUBNAME/$SUBNAME}" + echo "COMPOSITE_NAME=$COMPOSITE_NAME" >> $GITHUB_ENV + \ No newline at end of file From 1d848401bbd5db36460e97f311bd4aa817bdfd08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 27 Aug 2024 12:09:09 +0200 Subject: [PATCH 005/126] Added Ansible installation step --- .github/workflows/Test_installation_assistant.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index cd842e6..a88d9e6 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -103,4 +103,6 @@ jobs: esac COMPOSITE_NAME="${COMPOSITE_NAME/SUBNAME/$SUBNAME}" echo "COMPOSITE_NAME=$COMPOSITE_NAME" >> $GITHUB_ENV - \ No newline at end of file + + - name: Install Ansible + run: sudo apt-get update && sudo apt-add-repository ppa:ansible/ansible && sudo apt install -y ansible From f2f10bd56e1d872c203cc22c7812a4637c000e2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 27 Aug 2024 12:52:37 +0200 Subject: [PATCH 006/126] Added AWS credentials setup and automation checkout steps --- .../workflows/Test_installation_assistant.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index a88d9e6..cf40c4b 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -55,6 +55,10 @@ env: SESSION_NAME: "Installation-Assistant-Test" REGION: "us-east-1" +permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + jobs: initialize-environment: runs-on: ubuntu-latest @@ -106,3 +110,17 @@ jobs: - name: Install Ansible run: sudo apt-get update && sudo apt-add-repository ppa:ansible/ansible && sudo apt install -y ansible + + - name: Set up AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.AWS_IAM_ROLE }} + role-session-name: ${{ env.SESSION_NAME }} + aws-region: ${{ env.REGION }} + + - name: Checkout wazuh/wazuh-automation repository + uses: actions/checkout@v4 + with: + repository: wazuh/wazuh-automation + ref: ${{ inputs.AUTOMATION_REFERENCE }} + token: ${{ secrets.GH_CLONE_TOKEN }} From 7321b1479e3ae45ff055c7f9c41cd2e2d88a9d8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 27 Aug 2024 13:11:44 +0200 Subject: [PATCH 007/126] Added allocator instance provision --- .../workflows/Test_installation_assistant.yml | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index cf40c4b..027a293 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -124,3 +124,27 @@ jobs: repository: wazuh/wazuh-automation ref: ${{ inputs.AUTOMATION_REFERENCE }} token: ${{ secrets.GH_CLONE_TOKEN }} + + - name: Install and set allocator requirements + run: pip3 install -r deployability/deps/requirements.txt + + - name: Allocate instance test and set SSH variables + id: allocator_instance + run: | + python3 deployability/modules/allocation/main.py --action create --provider aws --size large --composite-name ${{ env.COMPOSITE_NAME }} --working-dir /tmp/allocator_instance \ + --track-output /tmp/allocator_instance/track.yml --inventory-output /tmp/allocator_instance/inventory.yml --instance-name gha_${{ github.run_id }}_assistant_test \ + --label-team devops --label-termination-date 1d + + sed 's/: */=/g' /tmp/allocator_instance/inventory.yml > /tmp/allocator_instance/inventory_mod.yml + source /tmp/allocator_instance/inventory_mod.yml + + echo "[gha_instance]" > /tmp/allocator_instance/inventory_ansible.ini + echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> /tmp/allocator_instance/inventory_ansible.ini + + echo "::add-mask::$ansible_host" + echo "::add-mask::$ansible_port" + echo "::add-mask::$ansible_user" + echo "::add-mask::$ansible_ssh_private_key_file" + echo "::add-mask::$ansible_ssh_common_args" + cat "/tmp/allocator_instance/inventory_mod.yml" >> $GITHUB_ENV; + cat /tmp/allocator_instance/inventory_ansible.ini From 81033b9c46d3c1305d449a7e8fbed47fc7c7eb09 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 27 Aug 2024 13:12:35 +0200 Subject: [PATCH 008/126] Added allocator instance deletion --- .github/workflows/Test_installation_assistant.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 027a293..e115521 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -148,3 +148,7 @@ jobs: echo "::add-mask::$ansible_ssh_common_args" cat "/tmp/allocator_instance/inventory_mod.yml" >> $GITHUB_ENV; cat /tmp/allocator_instance/inventory_ansible.ini + + - name: Delete allocated VM + if: always() && steps.allocator_instance.outcome == 'success' + run: python3 deployability/modules/allocation/main.py --action delete --track-output /tmp/allocator_instance/track.yml \ No newline at end of file From 549f9b39b0eb3e97f748c819fee02956c9d060a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 11:02:51 +0200 Subject: [PATCH 009/126] Added provision playbook execution --- .../workflows/Test_installation_assistant.yml | 53 ++++-- .../workflows/ansible-playbooks/provision.yml | 159 ++++++++++++++++++ 2 files changed, 197 insertions(+), 15 deletions(-) create mode 100644 .github/workflows/ansible-playbooks/provision.yml diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index e115521..fd47561 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -124,31 +124,54 @@ jobs: repository: wazuh/wazuh-automation ref: ${{ inputs.AUTOMATION_REFERENCE }} token: ${{ secrets.GH_CLONE_TOKEN }} - + path: wazuh-automation + - name: Install and set allocator requirements - run: pip3 install -r deployability/deps/requirements.txt + run: pip3 install -r wazuh-automation/deployability/deps/requirements.txt - name: Allocate instance test and set SSH variables id: allocator_instance run: | - python3 deployability/modules/allocation/main.py --action create --provider aws --size large --composite-name ${{ env.COMPOSITE_NAME }} --working-dir /tmp/allocator_instance \ + python3 wazuh-automation/deployability/modules/allocation/main.py --action create --provider aws --size large --composite-name ${{ env.COMPOSITE_NAME }} --working-dir /tmp/allocator_instance \ --track-output /tmp/allocator_instance/track.yml --inventory-output /tmp/allocator_instance/inventory.yml --instance-name gha_${{ github.run_id }}_assistant_test \ --label-team devops --label-termination-date 1d sed 's/: */=/g' /tmp/allocator_instance/inventory.yml > /tmp/allocator_instance/inventory_mod.yml + sed -i 's/-o StrictHostKeyChecking=no/\"-o StrictHostKeyChecking=no\"/g' /tmp/allocator_instance/inventory_mod.yml source /tmp/allocator_instance/inventory_mod.yml - echo "[gha_instance]" > /tmp/allocator_instance/inventory_ansible.ini - echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> /tmp/allocator_instance/inventory_ansible.ini - - echo "::add-mask::$ansible_host" - echo "::add-mask::$ansible_port" - echo "::add-mask::$ansible_user" - echo "::add-mask::$ansible_ssh_private_key_file" - echo "::add-mask::$ansible_ssh_common_args" - cat "/tmp/allocator_instance/inventory_mod.yml" >> $GITHUB_ENV; - cat /tmp/allocator_instance/inventory_ansible.ini - + echo "[gha_instance]" > /tmp/allocator_instance/inventory + echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> /tmp/allocator_instance/inventory + + - name: Execute provision.yml playbook + run: | + INSTALL_DEPS=true + INSTALL_PYTHON=true + INSTALL_PIP_DEPS=true + + REPOSITORY_URL="https://github.com/wazuh/wazuh-installation-assistant.git" + PACKAGES_REFERENCE="${{ github.ref_name }}" + TMP_PATH="/tmp/test" + PKG_REPOSITORY="${{ inputs.REPOSITORY }}" + + ANSIBLE_PYTHON_INTERPRETER="" + if [ "${{ inputs.SYSTEM }}" == "CentOS 8" ]; then + ANSIBLE_PYTHON_INTERPRETER="/usr/bin/python3" + fi + + ansible-playbook .github/workflows/ansible-playbooks/provision.yml \ + -i /tmp/allocator_instance/inventory \ + -l all \ + -e repository=$REPOSITORY_URL \ + -e packages_reference=$PACKAGES_REFERENCE \ + -e tmp_path=$TMP_PATH \ + -e pkg_repository=$PKG_REPOSITORY \ + -e install_deps=$INSTALL_DEPS \ + -e install_python=$INSTALL_PYTHON \ + -e install_pip_deps=$INSTALL_PIP_DEPS \ + ${ANSIBLE_PYTHON_INTERPRETER:+-e ansible_python_interpreter=$ANSIBLE_PYTHON_INTERPRETER} \ + -v + - name: Delete allocated VM if: always() && steps.allocator_instance.outcome == 'success' - run: python3 deployability/modules/allocation/main.py --action delete --track-output /tmp/allocator_instance/track.yml \ No newline at end of file + run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output /tmp/allocator_instance/track.yml diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml new file mode 100644 index 0000000..4c50ede --- /dev/null +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -0,0 +1,159 @@ +--- +- hosts: all + become: true + vars: + script_path: "{{ tmp_path }}" + script_name: "wazuh-install.sh" + rpm_deps: + - git + - python3 + - python3-pip + - openssl + - tar + apt_deps: + - git + - software-properties-common + - gnupg2 + pip_deps: + - attrs==21.1.0 + - importlib-metadata==4.8.2 + - iniconfig==1.1.1 + - packaging==21.3 + - pluggy==1.0.0 + - py==1.11.0 + - pyparsing==3.0.6 + - toml==0.10.2 + - typing-extensions==4.0.0 + - pytest==6.2.5 + - pyyaml + - requests + - setuptools + - beautifulsoup4 + - urllib3==1.26.6 + + tasks: + - name: Make tmp folder directory + file: + path: "{{ tmp_path }}" + state: directory + + - name: Install main deps block + block: + + - name: Install required dependencies DNF + dnf: + name: "{{ rpm_deps }}" + state: present + when: ansible_pkg_mgr == "dnf" + + # --------------------------------------------------------------------- + + - name: Install required dependencies YUM + yum: + name: "{{ rpm_deps }}" + state: present + when: ansible_pkg_mgr == "yum" + + # --------------------------------------------------------------------- + + - name: Install required dependencies APT + apt: + name: "{{ apt_deps }}" + state: present + update_cache: yes + when: ansible_pkg_mgr == "apt" + when: + - install_deps is defined + - install_deps == true + + - name: Install Python and pip + block: + + # --------------------------------------------------------------------- + # Ubuntu -------------------------------------------------------------- + + - name: Set up Python 3.9 repository + apt_repository: + repo: 'ppa:deadsnakes/ppa' + when: + - ansible_pkg_mgr == "apt" + - ansible_distribution == "Ubuntu" + + - name: Install Python3.9 on Ubuntu Jammy + apt: + name: + - python3.9 + - python3.9-distutils + state: present + update_cache: yes + when: + - ansible_pkg_mgr == "apt" + - ansible_distribution == "Ubuntu" + - ansible_distribution_release == "jammy" + + - name: Change Python link Ubuntu Jammy + command: ln -sf /usr/bin/python3.9 /usr/bin/python3 + when: + - ansible_pkg_mgr == "apt" + - ansible_distribution == "Ubuntu" + - ansible_distribution_release == "jammy" + + - name: Change Python link Ubuntu Xenial + command: ln -sf /usr/local/bin/python3.8 /usr/bin/python3 + when: + - ansible_pkg_mgr == "apt" + - ansible_distribution == "Ubuntu" + - ansible_distribution_release == "xenial" + + # --------------------------------------------------------------------- + # Pip installation ---------------------------------------------------- + + - stat: + path: /usr/bin/pip3 + register: stat_pip3 + when: + - ansible_pkg_mgr == "apt" + + - name: Install pip Ubuntu\Debian + shell: curl https://bootstrap.pypa.io/get-pip.py | python3 - + when: + - ansible_pkg_mgr == "apt" + - stat_pip3.stat.exists == False + - ansible_distribution_release != "xenial" + - ansible_distribution_release != "focal" + - ansible_distribution_release != "bionic" + + - name: Install pip Ubuntu Xenial + shell: curl https://bootstrap.pypa.io/get-pip.py | python3 - + when: + - ansible_pkg_mgr == "apt" + - stat_pip3.stat.exists == False + - ansible_distribution_release == "xenial" + + when: + - install_python is defined + - install_python == true + + # No version specified in pyyaml due to Xenial error. + - name: Install pytest + command: pip3 install {{ item }} + with_items: "{{ pip_deps }}" + when: + - install_pip_deps is defined + - install_pip_deps == true + + - name: Clone installation assistant git repository + git: + repo: "{{ repository }}" + dest: "{{ tmp_path }}" + version: "{{ packages_reference }}" + depth: 1 + force: true + + - name: Generate unattended + command: "bash {{ tmp_path }}/builder.sh -i -d" + + - name: Change pre-release repository to selected one + command: "sed -i 's|pre-release|{{ pkg_repository }}|g' {{ script_name }}" + args: + chdir: "{{ script_path }}" From 509a003e171c738455e17ce9d4adbbc362bbeca6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 12:04:47 +0200 Subject: [PATCH 010/126] Changed boolean variables in provision playbook --- .../workflows/Test_installation_assistant.yml | 16 ++++++++-------- .../workflows/ansible-playbooks/provision.yml | 6 +++--- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index fd47561..19217ad 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -162,14 +162,14 @@ jobs: ansible-playbook .github/workflows/ansible-playbooks/provision.yml \ -i /tmp/allocator_instance/inventory \ -l all \ - -e repository=$REPOSITORY_URL \ - -e packages_reference=$PACKAGES_REFERENCE \ - -e tmp_path=$TMP_PATH \ - -e pkg_repository=$PKG_REPOSITORY \ - -e install_deps=$INSTALL_DEPS \ - -e install_python=$INSTALL_PYTHON \ - -e install_pip_deps=$INSTALL_PIP_DEPS \ - ${ANSIBLE_PYTHON_INTERPRETER:+-e ansible_python_interpreter=$ANSIBLE_PYTHON_INTERPRETER} \ + -e "repository=$REPOSITORY_URL" \ + -e "packages_reference=$PACKAGES_REFERENCE" \ + -e "tmp_path=$TMP_PATH" \ + -e "pkg_repository=$PKG_REPOSITORY" \ + -e "install_deps=$INSTALL_DEPS" \ + -e "install_python=$INSTALL_PYTHON" \ + -e "install_pip_deps=$INSTALL_PIP_DEPS" \ + ${ANSIBLE_PYTHON_INTERPRETER:+-e "ansible_python_interpreter=$ANSIBLE_PYTHON_INTERPRETER"} \ -v - name: Delete allocated VM diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 4c50ede..fe97d28 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -64,7 +64,7 @@ when: ansible_pkg_mgr == "apt" when: - install_deps is defined - - install_deps == true + - install_deps | bool - name: Install Python and pip block: @@ -132,7 +132,7 @@ when: - install_python is defined - - install_python == true + - install_python | bool # No version specified in pyyaml due to Xenial error. - name: Install pytest @@ -140,7 +140,7 @@ with_items: "{{ pip_deps }}" when: - install_pip_deps is defined - - install_pip_deps == true + - install_pip_deps | bool - name: Clone installation assistant git repository git: From d8e5c9bce8ef3835a0c2403c6d062c9d5b0b146d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 12:19:32 +0200 Subject: [PATCH 011/126] Removed ansible_pkg_mgr variable in provision playbook --- .../workflows/ansible-playbooks/provision.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index fe97d28..1175711 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -44,7 +44,7 @@ dnf: name: "{{ rpm_deps }}" state: present - when: ansible_pkg_mgr == "dnf" + when: ansible_os_family == 'RedHat' # --------------------------------------------------------------------- @@ -52,7 +52,7 @@ yum: name: "{{ rpm_deps }}" state: present - when: ansible_pkg_mgr == "yum" + when: ansible_os_family == 'RedHat' # --------------------------------------------------------------------- @@ -61,7 +61,7 @@ name: "{{ apt_deps }}" state: present update_cache: yes - when: ansible_pkg_mgr == "apt" + when: ansible_os_family == 'Debian' when: - install_deps is defined - install_deps | bool @@ -76,7 +76,7 @@ apt_repository: repo: 'ppa:deadsnakes/ppa' when: - - ansible_pkg_mgr == "apt" + - ansible_os_family == 'Debian' - ansible_distribution == "Ubuntu" - name: Install Python3.9 on Ubuntu Jammy @@ -87,21 +87,21 @@ state: present update_cache: yes when: - - ansible_pkg_mgr == "apt" + - ansible_os_family == 'Debian' - ansible_distribution == "Ubuntu" - ansible_distribution_release == "jammy" - name: Change Python link Ubuntu Jammy command: ln -sf /usr/bin/python3.9 /usr/bin/python3 when: - - ansible_pkg_mgr == "apt" + - ansible_os_family == 'Debian' - ansible_distribution == "Ubuntu" - ansible_distribution_release == "jammy" - name: Change Python link Ubuntu Xenial command: ln -sf /usr/local/bin/python3.8 /usr/bin/python3 when: - - ansible_pkg_mgr == "apt" + - ansible_os_family == 'Debian' - ansible_distribution == "Ubuntu" - ansible_distribution_release == "xenial" @@ -112,12 +112,12 @@ path: /usr/bin/pip3 register: stat_pip3 when: - - ansible_pkg_mgr == "apt" + - ansible_os_family == 'Debian' - name: Install pip Ubuntu\Debian shell: curl https://bootstrap.pypa.io/get-pip.py | python3 - when: - - ansible_pkg_mgr == "apt" + - ansible_os_family == 'Debian' - stat_pip3.stat.exists == False - ansible_distribution_release != "xenial" - ansible_distribution_release != "focal" @@ -126,7 +126,7 @@ - name: Install pip Ubuntu Xenial shell: curl https://bootstrap.pypa.io/get-pip.py | python3 - when: - - ansible_pkg_mgr == "apt" + - ansible_os_family == 'Debian' - stat_pip3.stat.exists == False - ansible_distribution_release == "xenial" From 249f9a3332370e58e2eba7ae497e922f2a21e839 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 12:24:16 +0200 Subject: [PATCH 012/126] Removed DNF block --- .github/workflows/ansible-playbooks/provision.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 1175711..d93d43a 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -40,12 +40,6 @@ - name: Install main deps block block: - - name: Install required dependencies DNF - dnf: - name: "{{ rpm_deps }}" - state: present - when: ansible_os_family == 'RedHat' - # --------------------------------------------------------------------- - name: Install required dependencies YUM From 622e32865b5a13ff991d1fec1f383fce1334769b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 12:41:59 +0200 Subject: [PATCH 013/126] Changed apt/yum for package --- .github/workflows/ansible-playbooks/provision.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index d93d43a..bc7129a 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -43,7 +43,7 @@ # --------------------------------------------------------------------- - name: Install required dependencies YUM - yum: + package: name: "{{ rpm_deps }}" state: present when: ansible_os_family == 'RedHat' @@ -51,7 +51,7 @@ # --------------------------------------------------------------------- - name: Install required dependencies APT - apt: + package: name: "{{ apt_deps }}" state: present update_cache: yes @@ -74,7 +74,7 @@ - ansible_distribution == "Ubuntu" - name: Install Python3.9 on Ubuntu Jammy - apt: + package: name: - python3.9 - python3.9-distutils From cc55350e76d9827f792195c73cf81c2a8dd13d22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 13:31:40 +0200 Subject: [PATCH 014/126] Adding modules directly --- .github/workflows/Test_installation_assistant.yml | 2 +- .github/workflows/ansible-playbooks/provision.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 19217ad..386b7f5 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -109,7 +109,7 @@ jobs: echo "COMPOSITE_NAME=$COMPOSITE_NAME" >> $GITHUB_ENV - name: Install Ansible - run: sudo apt-get update && sudo apt-add-repository ppa:ansible/ansible && sudo apt install -y ansible + run: sudo apt-get update && sudo apt install software-properties-common && sudo add-apt-repository --yes --update ppa:ansible/ansible && sudo apt install -y ansible - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index bc7129a..a4a966f 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -43,7 +43,7 @@ # --------------------------------------------------------------------- - name: Install required dependencies YUM - package: + ansible.builtin.yum: name: "{{ rpm_deps }}" state: present when: ansible_os_family == 'RedHat' @@ -51,7 +51,7 @@ # --------------------------------------------------------------------- - name: Install required dependencies APT - package: + ansible.builtin.apt: name: "{{ apt_deps }}" state: present update_cache: yes @@ -74,7 +74,7 @@ - ansible_distribution == "Ubuntu" - name: Install Python3.9 on Ubuntu Jammy - package: + ansible.builtin.apt: name: - python3.9 - python3.9-distutils From a338d17aa149e10844ed84f9f638d5d312224bd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 14:17:02 +0200 Subject: [PATCH 015/126] Adding ansible dependencies --- .github/workflows/Test_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 386b7f5..065d9c6 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -109,7 +109,7 @@ jobs: echo "COMPOSITE_NAME=$COMPOSITE_NAME" >> $GITHUB_ENV - name: Install Ansible - run: sudo apt-get update && sudo apt install software-properties-common && sudo add-apt-repository --yes --update ppa:ansible/ansible && sudo apt install -y ansible + run: sudo apt-get update && sudo apt install software-properties-common && sudo add-apt-repository --yes --update ppa:ansible/ansible && sudo apt install -y ansible python-is-python3 python3-apt python3-dnf - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 From 2be99701a3aad52b3a13a1ae63009ab4c682f745 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 14:25:04 +0200 Subject: [PATCH 016/126] Debugging ansible version --- .github/workflows/Test_installation_assistant.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 065d9c6..ce99a02 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -111,6 +111,9 @@ jobs: - name: Install Ansible run: sudo apt-get update && sudo apt install software-properties-common && sudo add-apt-repository --yes --update ppa:ansible/ansible && sudo apt install -y ansible python-is-python3 python3-apt python3-dnf + - name: Get Ansible + run: ansible --version + - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: From 1e37109e9a058172a96e7b71faa5edb7d99f5c2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 14:34:24 +0200 Subject: [PATCH 017/126] Changing YUM to DNF --- .github/workflows/ansible-playbooks/provision.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index a4a966f..0829aba 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -43,7 +43,7 @@ # --------------------------------------------------------------------- - name: Install required dependencies YUM - ansible.builtin.yum: + ansible.builtin.dnf: name: "{{ rpm_deps }}" state: present when: ansible_os_family == 'RedHat' From d4c26b00bb8da726d738633f7c31467a1c047678 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 14:45:42 +0200 Subject: [PATCH 018/126] Using package module --- .github/workflows/ansible-playbooks/provision.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 0829aba..fb995df 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -43,7 +43,7 @@ # --------------------------------------------------------------------- - name: Install required dependencies YUM - ansible.builtin.dnf: + ansible.builtin.package: name: "{{ rpm_deps }}" state: present when: ansible_os_family == 'RedHat' @@ -51,7 +51,7 @@ # --------------------------------------------------------------------- - name: Install required dependencies APT - ansible.builtin.apt: + ansible.builtin.package: name: "{{ apt_deps }}" state: present update_cache: yes @@ -74,7 +74,7 @@ - ansible_distribution == "Ubuntu" - name: Install Python3.9 on Ubuntu Jammy - ansible.builtin.apt: + ansible.builtin.package: name: - python3.9 - python3.9-distutils From 08b193eb9c7a6e8a30c1e87f325cb0d96c3d5eea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 28 Aug 2024 15:11:14 +0200 Subject: [PATCH 019/126] Installing Ansible with pip --- .github/workflows/Test_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index ce99a02..f328fdc 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -109,7 +109,7 @@ jobs: echo "COMPOSITE_NAME=$COMPOSITE_NAME" >> $GITHUB_ENV - name: Install Ansible - run: sudo apt-get update && sudo apt install software-properties-common && sudo add-apt-repository --yes --update ppa:ansible/ansible && sudo apt install -y ansible python-is-python3 python3-apt python3-dnf + run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 - name: Get Ansible run: ansible --version From eae9a6c3503cf4e8585a91e2b781c03521cf45a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 29 Aug 2024 13:08:13 +0200 Subject: [PATCH 020/126] Adding Python install in CentOS 8 --- .github/workflows/Test_installation_assistant.yml | 6 ------ .github/workflows/ansible-playbooks/provision.yml | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index f328fdc..5ca86bc 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -157,11 +157,6 @@ jobs: TMP_PATH="/tmp/test" PKG_REPOSITORY="${{ inputs.REPOSITORY }}" - ANSIBLE_PYTHON_INTERPRETER="" - if [ "${{ inputs.SYSTEM }}" == "CentOS 8" ]; then - ANSIBLE_PYTHON_INTERPRETER="/usr/bin/python3" - fi - ansible-playbook .github/workflows/ansible-playbooks/provision.yml \ -i /tmp/allocator_instance/inventory \ -l all \ @@ -172,7 +167,6 @@ jobs: -e "install_deps=$INSTALL_DEPS" \ -e "install_python=$INSTALL_PYTHON" \ -e "install_pip_deps=$INSTALL_PIP_DEPS" \ - ${ANSIBLE_PYTHON_INTERPRETER:+-e "ansible_python_interpreter=$ANSIBLE_PYTHON_INTERPRETER"} \ -v - name: Delete allocated VM diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index fb995df..00c287c 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -1,6 +1,7 @@ --- - hosts: all become: true + gather_facts: no vars: script_path: "{{ tmp_path }}" script_name: "wazuh-install.sh" @@ -31,7 +32,21 @@ - beautifulsoup4 - urllib3==1.26.6 + pre_tasks: + - name: Check if the system is CentOS 8 and install Python if necessary + raw: | + if [ -f /etc/centos-release ]; then + if grep -q -i -E "centos.*8" /etc/centos-release; then + if ! command -v python3 &> /dev/null; then + dnf install -y python3 + fi + fi + fi + tasks: + - name: Gather facts + ansible.builtin.setup: + - name: Make tmp folder directory file: path: "{{ tmp_path }}" From 529489b7b22fb9cc3069d7d4355e5d477630ea08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 29 Aug 2024 14:22:40 +0200 Subject: [PATCH 021/126] Moved variables to env variables --- .github/workflows/Test_installation_assistant.yml | 15 ++++++++------- .github/workflows/ansible-playbooks/provision.yml | 2 +- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 5ca86bc..0accbe4 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -54,6 +54,12 @@ env: COMPOSITE_NAME: "linux-SUBNAME-amd64" SESSION_NAME: "Installation-Assistant-Test" REGION: "us-east-1" + TMP_PATH: "/tmp/test" + LOGS_PATH: "/home/assistant_logs" + PKG_REPOSITORY: "${{ inputs.REPOSITORY }}" + REFERENCE: "${{ github.ref_name }}" + TEST_NAME: "test_assistant" + REPOSITORY_URL: "${{ github.server_url }}${{ github.repository_owner }}/${{ github.repository }}.git" permissions: id-token: write # This is required for requesting the JWT @@ -152,23 +158,18 @@ jobs: INSTALL_PYTHON=true INSTALL_PIP_DEPS=true - REPOSITORY_URL="https://github.com/wazuh/wazuh-installation-assistant.git" - PACKAGES_REFERENCE="${{ github.ref_name }}" - TMP_PATH="/tmp/test" - PKG_REPOSITORY="${{ inputs.REPOSITORY }}" - ansible-playbook .github/workflows/ansible-playbooks/provision.yml \ -i /tmp/allocator_instance/inventory \ -l all \ -e "repository=$REPOSITORY_URL" \ - -e "packages_reference=$PACKAGES_REFERENCE" \ + -e "reference=$REFERENCE" \ -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ -e "install_deps=$INSTALL_DEPS" \ -e "install_python=$INSTALL_PYTHON" \ -e "install_pip_deps=$INSTALL_PIP_DEPS" \ -v - + - name: Delete allocated VM if: always() && steps.allocator_instance.outcome == 'success' run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output /tmp/allocator_instance/track.yml diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 00c287c..76553dd 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -155,7 +155,7 @@ git: repo: "{{ repository }}" dest: "{{ tmp_path }}" - version: "{{ packages_reference }}" + version: "{{ reference }}" depth: 1 force: true From b701e907b04da51a629ee23eb76fdf2cf153a558 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 29 Aug 2024 14:42:29 +0200 Subject: [PATCH 022/126] Moved variables to env variables --- .github/workflows/Test_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 0accbe4..2bf9656 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -59,7 +59,7 @@ env: PKG_REPOSITORY: "${{ inputs.REPOSITORY }}" REFERENCE: "${{ github.ref_name }}" TEST_NAME: "test_assistant" - REPOSITORY_URL: "${{ github.server_url }}${{ github.repository_owner }}/${{ github.repository }}.git" + REPOSITORY_URL: "${{ github.server_url }}/${{ github.repository }}.git" permissions: id-token: write # This is required for requesting the JWT From 5ac37db4bc3d628a0598ac164c25167274a99860 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 30 Aug 2024 09:35:21 +0200 Subject: [PATCH 023/126] Added AIO installation playbook --- .../workflows/Test_installation_assistant.yml | 14 +++++- .github/workflows/ansible-playbooks/aio.yml | 47 +++++++++++++++++++ 2 files changed, 59 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/ansible-playbooks/aio.yml diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 2bf9656..7aa51db 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -55,7 +55,7 @@ env: SESSION_NAME: "Installation-Assistant-Test" REGION: "us-east-1" TMP_PATH: "/tmp/test" - LOGS_PATH: "/home/assistant_logs" + LOGS_PATH: "${{ github.workspace }}/assistant_logs" PKG_REPOSITORY: "${{ inputs.REPOSITORY }}" REFERENCE: "${{ github.ref_name }}" TEST_NAME: "test_assistant" @@ -162,7 +162,7 @@ jobs: -i /tmp/allocator_instance/inventory \ -l all \ -e "repository=$REPOSITORY_URL" \ - -e "reference=$REFERENCE" \ + -e "reference=4.9.0-testing" \ -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ -e "install_deps=$INSTALL_DEPS" \ @@ -170,6 +170,16 @@ jobs: -e "install_pip_deps=$INSTALL_PIP_DEPS" \ -v + - name: Execute AIO installation playbook + run: | + ansible-playbook .github/workflows/ansible-playbooks/aio.yml \ + -i /tmp/allocator_instance/inventory \ + -l all \ + -e "tmp_path=$TMP_PATH" \ + -e "logs_path=$LOGS_PATH" \ + -e "test_name=$TEST_NAME" \ + -vvv + - name: Delete allocated VM if: always() && steps.allocator_instance.outcome == 'success' run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output /tmp/allocator_instance/track.yml diff --git a/.github/workflows/ansible-playbooks/aio.yml b/.github/workflows/ansible-playbooks/aio.yml new file mode 100644 index 0000000..0656d60 --- /dev/null +++ b/.github/workflows/ansible-playbooks/aio.yml @@ -0,0 +1,47 @@ + + - hosts: all + become: true + + vars: + script_path: "{{ tmp_path }}" + script_name: "wazuh-install.sh" + script_builder: "builder.sh" + test_name: "{{ test_name }}" + test_dir: "/{{ test_name }}" + logs_path: "{{ logs_path }}" + + tasks: + + - name: Create log directory + file: + path: "{{ test_dir }}" + state: directory + + - name: Create log file + file: + dest: "{{ test_dir }}/{{ test_name }}.log" + state: touch + + - name: Test assistant AIO install + block: + - name: Install assistant installer + command: "bash {{ script_name }} -a -v" + args: + chdir: "{{ script_path }}" + register: install_results + + always: + - name: Save output + blockinfile: + marker: "" + path: "{{ test_dir }}/{{ test_name }}.log" + block: | + {{ install_results.stderr }} + -------------------------------- + {{ install_results.stdout }} + + - name: Fetch log + fetch: + src: "{{ test_dir }}/{{ test_name }}.log" + dest: "{{ logs_path }}/" + flat: yes From e3126bb85c9b8e880fe621c15e20d312418a2037 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 30 Aug 2024 10:27:21 +0200 Subject: [PATCH 024/126] Added assistant pytest playbook --- .../workflows/Test_installation_assistant.yml | 11 +++++ .../workflows/ansible-playbooks/aio_tests.yml | 45 +++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 .github/workflows/ansible-playbooks/aio_tests.yml diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 7aa51db..1be6315 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -178,6 +178,17 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ + -v + + - name: Execute Python test playbook + run: | + TEST_NAME="test_installation_assistant" + ansible-playbook .github/workflows/ansible-playbooks/aio_tests.yml \ + -i /tmp/allocator_instance/inventory \ + -l all \ + -e "tmp_path=$TMP_PATH" \ + -e "logs_path=$LOGS_PATH" \ + -e "test_name=$TEST_NAME" \ -vvv - name: Delete allocated VM diff --git a/.github/workflows/ansible-playbooks/aio_tests.yml b/.github/workflows/ansible-playbooks/aio_tests.yml new file mode 100644 index 0000000..79b97e2 --- /dev/null +++ b/.github/workflows/ansible-playbooks/aio_tests.yml @@ -0,0 +1,45 @@ + + - hosts: all + become: true + + vars: + script_path: "{{ tmp_path }}/tests/install" + test_name: "{{ test_name }}" + script_name: "{{ test_name }}.py" + test_dir: "/{{ test_name }}" + logs_path: "{{ logs_path }}" + tasks: + + - name: Create log directory + file: + path: "{{ test_dir }}" + state: directory + + - name: Create log file + file: + dest: "{{ test_dir }}/{{ test_name }}.log" + state: touch + + - name: Test unattended AIO install + block: + - name: Launch AIO test + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or wazuh_worker or indexer or dashboard\"" + args: + chdir: "{{ script_path }}" + register: test_results + + always: + - name: Save output + blockinfile: + marker: "" + path: "{{ test_dir }}/{{ test_name }}.log" + block: | + {{ test_results.stderr }} + -------------------------------- + {{ test_results.stdout }} + + - name: Fetch log + fetch: + src: "{{ test_dir }}/{{ test_name }}.log" + dest: "{{ logs_path }}/" + flat: yes From 38ac911770a21d92a078d6a8fec6122436681d9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 30 Aug 2024 11:27:05 +0200 Subject: [PATCH 025/126] Replaced debug input by verbosity input --- .../workflows/Test_installation_assistant.yml | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 1be6315..9bff27e 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -39,11 +39,16 @@ on: - Ubuntu 22 - RHEL7 - RHEL8 - DEBUG: - description: 'Debug mode' + VERBOSITY: + description: 'Verbosity level on playbooks execution' required: true - default: false - type: boolean + default: '-v' + type: choice + options: + - -v + - -vv + - -vvv + - -vvvv DESTROY: description: 'Destroy instances after run' required: true @@ -168,7 +173,7 @@ jobs: -e "install_deps=$INSTALL_DEPS" \ -e "install_python=$INSTALL_PYTHON" \ -e "install_pip_deps=$INSTALL_PIP_DEPS" \ - -v + "${{ inputs.VERBOSITY }}" - name: Execute AIO installation playbook run: | @@ -178,7 +183,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ - -v + "${{ inputs.VERBOSITY }}" - name: Execute Python test playbook run: | @@ -189,7 +194,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ - -vvv + "${{ inputs.VERBOSITY }}" - name: Delete allocated VM if: always() && steps.allocator_instance.outcome == 'success' From 9455831cf29f657ae5e6eba56e1616cc82e4900b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 2 Sep 2024 11:22:56 +0200 Subject: [PATCH 026/126] Allocator VM is deleted conditionally --- .github/workflows/Test_installation_assistant.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 9bff27e..a70f5c7 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -197,5 +197,6 @@ jobs: "${{ inputs.VERBOSITY }}" - name: Delete allocated VM - if: always() && steps.allocator_instance.outcome == 'success' + if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output /tmp/allocator_instance/track.yml + From 128845d6a027f4a080b3e65be2eeb28543970722 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 2 Sep 2024 11:45:54 +0200 Subject: [PATCH 027/126] Deleted conditionals in Debian pip3 installation --- .github/workflows/ansible-playbooks/provision.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 76553dd..65d0c95 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -128,16 +128,6 @@ when: - ansible_os_family == 'Debian' - stat_pip3.stat.exists == False - - ansible_distribution_release != "xenial" - - ansible_distribution_release != "focal" - - ansible_distribution_release != "bionic" - - - name: Install pip Ubuntu Xenial - shell: curl https://bootstrap.pypa.io/get-pip.py | python3 - - when: - - ansible_os_family == 'Debian' - - stat_pip3.stat.exists == False - - ansible_distribution_release == "xenial" when: - install_python is defined From 4bbb7035eea1f8fa764ceaa4f292870492dfca30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 2 Sep 2024 14:10:58 +0200 Subject: [PATCH 028/126] Added async and poll parameters to AIO task --- .github/workflows/ansible-playbooks/aio.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ansible-playbooks/aio.yml b/.github/workflows/ansible-playbooks/aio.yml index 0656d60..7b2d63c 100644 --- a/.github/workflows/ansible-playbooks/aio.yml +++ b/.github/workflows/ansible-playbooks/aio.yml @@ -29,6 +29,8 @@ args: chdir: "{{ script_path }}" register: install_results + async: 500 + poll: 5 always: - name: Save output From 43fb0847a3f1beb2902a47371779677029a036eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 2 Sep 2024 15:41:04 +0200 Subject: [PATCH 029/126] Added allocator instance directory upload --- .../workflows/Test_installation_assistant.yml | 36 +++++++++++++------ 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index a70f5c7..5028bb4 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -65,6 +65,7 @@ env: REFERENCE: "${{ github.ref_name }}" TEST_NAME: "test_assistant" REPOSITORY_URL: "${{ github.server_url }}/${{ github.repository }}.git" + ALLOCATOR_PATH: "/tmp/allocator_instance" permissions: id-token: write # This is required for requesting the JWT @@ -146,16 +147,16 @@ jobs: - name: Allocate instance test and set SSH variables id: allocator_instance run: | - python3 wazuh-automation/deployability/modules/allocation/main.py --action create --provider aws --size large --composite-name ${{ env.COMPOSITE_NAME }} --working-dir /tmp/allocator_instance \ - --track-output /tmp/allocator_instance/track.yml --inventory-output /tmp/allocator_instance/inventory.yml --instance-name gha_${{ github.run_id }}_assistant_test \ + python3 wazuh-automation/deployability/modules/allocation/main.py --action create --provider aws --size large --composite-name ${{ env.COMPOSITE_NAME }} --working-dir $ALLOCATOR_PATH \ + --track-output $ALLOCATOR_PATH/track.yml --inventory-output $ALLOCATOR_PATH/inventory.yml --instance-name gha_${{ github.run_id }}_assistant_test \ --label-team devops --label-termination-date 1d - sed 's/: */=/g' /tmp/allocator_instance/inventory.yml > /tmp/allocator_instance/inventory_mod.yml - sed -i 's/-o StrictHostKeyChecking=no/\"-o StrictHostKeyChecking=no\"/g' /tmp/allocator_instance/inventory_mod.yml - source /tmp/allocator_instance/inventory_mod.yml + sed 's/: */=/g' $ALLOCATOR_PATH/inventory.yml > $ALLOCATOR_PATH/inventory_mod.yml + sed -i 's/-o StrictHostKeyChecking=no/\"-o StrictHostKeyChecking=no\"/g' $ALLOCATOR_PATH/inventory_mod.yml + source $ALLOCATOR_PATH/inventory_mod.yml - echo "[gha_instance]" > /tmp/allocator_instance/inventory - echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> /tmp/allocator_instance/inventory + echo "[gha_instance]" > $ALLOCATOR_PATH/inventory + echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> $ALLOCATOR_PATH/inventory - name: Execute provision.yml playbook run: | @@ -164,7 +165,7 @@ jobs: INSTALL_PIP_DEPS=true ansible-playbook .github/workflows/ansible-playbooks/provision.yml \ - -i /tmp/allocator_instance/inventory \ + -i $ALLOCATOR_PATH/inventory \ -l all \ -e "repository=$REPOSITORY_URL" \ -e "reference=4.9.0-testing" \ @@ -178,7 +179,7 @@ jobs: - name: Execute AIO installation playbook run: | ansible-playbook .github/workflows/ansible-playbooks/aio.yml \ - -i /tmp/allocator_instance/inventory \ + -i $ALLOCATOR_PATH/inventory \ -l all \ -e "tmp_path=$TMP_PATH" \ -e "logs_path=$LOGS_PATH" \ @@ -189,14 +190,27 @@ jobs: run: | TEST_NAME="test_installation_assistant" ansible-playbook .github/workflows/ansible-playbooks/aio_tests.yml \ - -i /tmp/allocator_instance/inventory \ + -i $ALLOCATOR_PATH/inventory \ -l all \ -e "tmp_path=$TMP_PATH" \ -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" + + - name: Compress Allocator directory + id: compress_allocator_files + if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == false + run: | + zip -P "${{ secrets.ZIP_ARTIFACTS_PASSWORD }}" -r $ALLOCATOR_PATH.zip $ALLOCATOR_PATH + + - name: Upload Allocator directory as artifact + if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false + uses: actions/upload-artifact@v4 + with: + name: allocator-instance + path: ${{ env.ALLOCATOR_PATH }}.zip - name: Delete allocated VM if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true - run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output /tmp/allocator_instance/track.yml + run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output $ALLOCATOR_PATH/track.yml From dcc5de6cfe5ba63f4b8415afb78ffbc34c99aca6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 2 Sep 2024 16:12:42 +0200 Subject: [PATCH 030/126] Deleted debug tasks and improved task names --- .github/workflows/Test_installation_assistant.yml | 9 +++------ .github/workflows/ansible-playbooks/aio.yml | 2 +- .github/workflows/ansible-playbooks/provision.yml | 8 ++++++++ 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 5028bb4..ffd8cdc 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -122,9 +122,6 @@ jobs: - name: Install Ansible run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 - - - name: Get Ansible - run: ansible --version - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 @@ -158,7 +155,7 @@ jobs: echo "[gha_instance]" > $ALLOCATOR_PATH/inventory echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> $ALLOCATOR_PATH/inventory - - name: Execute provision.yml playbook + - name: Execute provision playbook run: | INSTALL_DEPS=true INSTALL_PYTHON=true @@ -197,13 +194,13 @@ jobs: -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - - name: Compress Allocator directory + - name: Compress Allocator VM directory id: compress_allocator_files if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == false run: | zip -P "${{ secrets.ZIP_ARTIFACTS_PASSWORD }}" -r $ALLOCATOR_PATH.zip $ALLOCATOR_PATH - - name: Upload Allocator directory as artifact + - name: Upload Allocator VM directory as artifact if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false uses: actions/upload-artifact@v4 with: diff --git a/.github/workflows/ansible-playbooks/aio.yml b/.github/workflows/ansible-playbooks/aio.yml index 7b2d63c..cbf9e90 100644 --- a/.github/workflows/ansible-playbooks/aio.yml +++ b/.github/workflows/ansible-playbooks/aio.yml @@ -24,7 +24,7 @@ - name: Test assistant AIO install block: - - name: Install assistant installer + - name: Perform AIO installation command: "bash {{ script_name }} -a -v" args: chdir: "{{ script_path }}" diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 65d0c95..340af6c 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -128,6 +128,14 @@ when: - ansible_os_family == 'Debian' - stat_pip3.stat.exists == False + - ansible_distribution_release != "xenial" + + - name: Install pip Ubuntu Xenial + shell: curl https://bootstrap.pypa.io/get-pip.py | python3 - + when: + - ansible_os_family == 'Debian' + - stat_pip3.stat.exists == False + - ansible_distribution_release == "xenial" when: - install_python is defined From 898f53d9d207f91742c64871fb1191adaa3b60f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 3 Sep 2024 09:16:41 +0200 Subject: [PATCH 031/126] Python 3.9 is only installed in Ubuntu 22 --- .../workflows/ansible-playbooks/provision.yml | 47 +++++++------------ 1 file changed, 17 insertions(+), 30 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 340af6c..d737601 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -80,28 +80,22 @@ # --------------------------------------------------------------------- # Ubuntu -------------------------------------------------------------- - - - name: Set up Python 3.9 repository - apt_repository: - repo: 'ppa:deadsnakes/ppa' - when: - - ansible_os_family == 'Debian' - - ansible_distribution == "Ubuntu" - - - name: Install Python3.9 on Ubuntu Jammy - ansible.builtin.package: - name: - - python3.9 - - python3.9-distutils - state: present - update_cache: yes - when: - - ansible_os_family == 'Debian' - - ansible_distribution == "Ubuntu" - - ansible_distribution_release == "jammy" - - - name: Change Python link Ubuntu Jammy - command: ln -sf /usr/bin/python3.9 /usr/bin/python3 + - name: Set up Python 3.9 on Ubuntu Jammy + block: + - name: Set up Python 3.9 repository + apt_repository: + repo: 'ppa:deadsnakes/ppa' + + - name: Install Python3.9 on Ubuntu Jammy + ansible.builtin.package: + name: + - python3.9 + - python3.9-distutils + state: present + update_cache: yes + + - name: Change Python link Ubuntu Jammy + command: ln -sf /usr/bin/python3.9 /usr/bin/python3 when: - ansible_os_family == 'Debian' - ansible_distribution == "Ubuntu" @@ -128,14 +122,7 @@ when: - ansible_os_family == 'Debian' - stat_pip3.stat.exists == False - - ansible_distribution_release != "xenial" - - - name: Install pip Ubuntu Xenial - shell: curl https://bootstrap.pypa.io/get-pip.py | python3 - - when: - - ansible_os_family == 'Debian' - - stat_pip3.stat.exists == False - - ansible_distribution_release == "xenial" + - ansible_distribution_release != "focal" when: - install_python is defined From 3484f593806ed8ae0bad687619b3fb338e93a710 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 3 Sep 2024 10:40:48 +0200 Subject: [PATCH 032/126] Installed Python3.6 in Ubuntu Xenial at early stage --- .../workflows/ansible-playbooks/provision.yml | 30 ++++++++++++++----- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index d737601..38112ba 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -43,6 +43,16 @@ fi fi + - name: Check if the system is Ubuntu 16 and install Python + raw: | + if [ -f /etc/lsb-release ]; then + if grep -q -i -E "ubuntu.*16" /etc/lsb-release; then + add-apt-repository -y ppa:jblgf0/python + apt-get update + apt-get install -y python3.6 + fi + fi + tasks: - name: Gather facts ansible.builtin.setup: @@ -101,13 +111,6 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_release == "jammy" - - name: Change Python link Ubuntu Xenial - command: ln -sf /usr/local/bin/python3.8 /usr/bin/python3 - when: - - ansible_os_family == 'Debian' - - ansible_distribution == "Ubuntu" - - ansible_distribution_release == "xenial" - # --------------------------------------------------------------------- # Pip installation ---------------------------------------------------- @@ -122,7 +125,18 @@ when: - ansible_os_family == 'Debian' - stat_pip3.stat.exists == False - - ansible_distribution_release != "focal" + - ansible_distribution_release != "bionic" + + - name: Install pip Ubuntu Bionic + ansible.builtin.package: + name: + - python3-pip + state: present + update_cache: yes + when: + - ansible_os_family == 'Debian' + - ansible_distribution == "Ubuntu" + - ansible_distribution_release == "bionic" when: - install_python is defined From 17b124f5dc5989852c23ad32596406aba0496204 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 3 Sep 2024 10:58:57 +0200 Subject: [PATCH 033/126] Fixed pip installation in Ubuntu Xenial --- .github/workflows/ansible-playbooks/provision.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 38112ba..a2a92e3 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -50,6 +50,7 @@ add-apt-repository -y ppa:jblgf0/python apt-get update apt-get install -y python3.6 + ln -sf /usr/bin/python3.6 /usr/bin/python3 fi fi @@ -125,9 +126,9 @@ when: - ansible_os_family == 'Debian' - stat_pip3.stat.exists == False - - ansible_distribution_release != "bionic" + - ansible_distribution_release not in ['bionic', 'xenial'] - - name: Install pip Ubuntu Bionic + - name: Install pip Ubuntu Bionic/Xenial ansible.builtin.package: name: - python3-pip @@ -136,7 +137,7 @@ when: - ansible_os_family == 'Debian' - ansible_distribution == "Ubuntu" - - ansible_distribution_release == "bionic" + - ansible_distribution_release in ['bionic', 'xenial'] when: - install_python is defined From 9c8b5ca980fb3b292bc140eb52b4ed39fec247e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 3 Sep 2024 11:13:38 +0200 Subject: [PATCH 034/126] Added python3-apt installation in Ubuntu Xenial --- .github/workflows/ansible-playbooks/provision.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index a2a92e3..e06ddf6 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -49,7 +49,7 @@ if grep -q -i -E "ubuntu.*16" /etc/lsb-release; then add-apt-repository -y ppa:jblgf0/python apt-get update - apt-get install -y python3.6 + apt-get install -y python3.6 python3-apt ln -sf /usr/bin/python3.6 /usr/bin/python3 fi fi From 60d2c28d1edea743470b13ed3cdaf532b55f9d26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 3 Sep 2024 15:00:10 +0200 Subject: [PATCH 035/126] Fixed Python install in Xenial --- .../workflows/ansible-playbooks/provision.yml | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index e06ddf6..e87182a 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -50,7 +50,10 @@ add-apt-repository -y ppa:jblgf0/python apt-get update apt-get install -y python3.6 python3-apt - ln -sf /usr/bin/python3.6 /usr/bin/python3 + update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.6 1 + cd /usr/lib/python3/dist-packages + sudo ln -s apt_inst.cpython-35m-x86_64-linux-gnu.so apt_inst.so + sudo ln -s apt_pkg.cpython-35m-x86_64-linux-gnu.so apt_pkg.so fi fi @@ -111,6 +114,13 @@ - ansible_os_family == 'Debian' - ansible_distribution == "Ubuntu" - ansible_distribution_release == "jammy" + + - name: Change Python link Ubuntu Xenial + command: ln -sf /usr/local/bin/python3.8 /usr/bin/python3 + when: + - ansible_pkg_mgr == "apt" + - ansible_distribution == "Ubuntu" + - ansible_distribution_release == "xenial" # --------------------------------------------------------------------- # Pip installation ---------------------------------------------------- @@ -126,7 +136,7 @@ when: - ansible_os_family == 'Debian' - stat_pip3.stat.exists == False - - ansible_distribution_release not in ['bionic', 'xenial'] + - ansible_distribution_release not in ['bionic'] - name: Install pip Ubuntu Bionic/Xenial ansible.builtin.package: @@ -137,7 +147,7 @@ when: - ansible_os_family == 'Debian' - ansible_distribution == "Ubuntu" - - ansible_distribution_release in ['bionic', 'xenial'] + - ansible_distribution_release in ['bionic'] when: - install_python is defined From 00cf2cac535c0050e971208fc82dc74652a714e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 3 Sep 2024 15:16:30 +0200 Subject: [PATCH 036/126] Revert testing changes --- .github/workflows/Test_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index ffd8cdc..98c2e63 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -165,7 +165,7 @@ jobs: -i $ALLOCATOR_PATH/inventory \ -l all \ -e "repository=$REPOSITORY_URL" \ - -e "reference=4.9.0-testing" \ + -e "reference=$REFERENCE" \ -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ -e "install_deps=$INSTALL_DEPS" \ From 7f37280a43bf6cbd18b8f4bfe7995b747de53400 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 4 Sep 2024 16:58:11 +0200 Subject: [PATCH 037/126] Added matrix strategy to implement tier --- .../workflows/Test_installation_assistant.yml | 42 ++++++++----------- 1 file changed, 18 insertions(+), 24 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 98c2e63..1e263cd 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -1,4 +1,4 @@ -run-name: Test installation assistant - System ${{ inputs.SYSTEM }} - Launched by @${{ github.actor }} +run-name: Test installation assistant - System/s ${{ inputs.SYSTEMS }} - Launched by @${{ github.actor }} name: Test installation assistant on: @@ -24,21 +24,11 @@ on: description: 'Branch or tag of the wazuh-automation repository' required: true default: '4.10.0' - SYSTEM: - description: 'Operating System' + SYSTEMS: + description: 'Operating Systems' required: true - default: 'CentOS 8' - type: choice - options: - - CentOS 7 - - CentOS 8 - - Amazon Linux 2 - - Ubuntu 16 - - Ubuntu 18 - - Ubuntu 20 - - Ubuntu 22 - - RHEL7 - - RHEL8 + default: '["CentOS_7", "CentOS_8", "AmazonLinux_2", "Ubuntu_16", "Ubuntu_18", "Ubuntu_20", "Ubuntu_22", "RHEL7", "RHEL8"]' + type: string VERBOSITY: description: 'Verbosity level on playbooks execution' required: true @@ -72,8 +62,12 @@ permissions: contents: read # This is required for actions/checkout jobs: - initialize-environment: + run-test: runs-on: ubuntu-latest + strategy: + fail-fast: false # If a job fails, the rest of jobs will not be cancelled + matrix: + system: ${{ fromJson(inputs.SYSTEMS) }} steps: - name: Checkout code @@ -84,26 +78,26 @@ jobs: - name: Set COMPOSITE_NAME variable run: | - case "${{ inputs.SYSTEM }}" in - "CentOS 7") + case "${{ matrix.system }}" in + "CentOS_7") SUBNAME="centos-7" ;; - "CentOS 8") + "CentOS_8") SUBNAME="centos-8" ;; - "Amazon Linux 2") + "AmazonLinux_2") SUBNAME="amazon-2" ;; - "Ubuntu 16") + "Ubuntu_16") SUBNAME="ubuntu-16.04" ;; - "Ubuntu 18") + "Ubuntu_18") SUBNAME="ubuntu-18.04" ;; - "Ubuntu 20") + "Ubuntu_20") SUBNAME="ubuntu-20.04" ;; - "Ubuntu 22") + "Ubuntu_22") SUBNAME="ubuntu-22.04" ;; "RHEL7") From 61885139b4eb776a74b018e017a0801e7aa3db4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 5 Sep 2024 09:03:58 +0200 Subject: [PATCH 038/126] Added assistant reference to form --- .github/workflows/Test_installation_assistant.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 1e263cd..aef7f3c 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -24,6 +24,10 @@ on: description: 'Branch or tag of the wazuh-automation repository' required: true default: '4.10.0' + ASSISTANT_REFERENCE: + description: 'Branch or tag of the wazuh-installation-assistant repository' + required: true + default: '4.10.0' SYSTEMS: description: 'Operating Systems' required: true @@ -52,7 +56,6 @@ env: TMP_PATH: "/tmp/test" LOGS_PATH: "${{ github.workspace }}/assistant_logs" PKG_REPOSITORY: "${{ inputs.REPOSITORY }}" - REFERENCE: "${{ github.ref_name }}" TEST_NAME: "test_assistant" REPOSITORY_URL: "${{ github.server_url }}/${{ github.repository }}.git" ALLOCATOR_PATH: "/tmp/allocator_instance" @@ -159,7 +162,7 @@ jobs: -i $ALLOCATOR_PATH/inventory \ -l all \ -e "repository=$REPOSITORY_URL" \ - -e "reference=$REFERENCE" \ + -e "reference=${{ inputs.ASSISTANT_REFERENCE }}" \ -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ -e "install_deps=$INSTALL_DEPS" \ From 40e80c370156eab12ee056c55d50c04f68207172 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 5 Sep 2024 09:05:39 +0200 Subject: [PATCH 039/126] Added runID to the display name --- .github/workflows/Test_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index aef7f3c..8709180 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -1,4 +1,4 @@ -run-name: Test installation assistant - System/s ${{ inputs.SYSTEMS }} - Launched by @${{ github.actor }} +run-name: Test installation assistant - ${{ github.run_id }} - ${{ inputs.SYSTEMS }} - Launched by @${{ github.actor }} name: Test installation assistant on: From f51e9db1a62c59372590a459cbf7980916f466b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 5 Sep 2024 09:20:05 +0200 Subject: [PATCH 040/126] Artifacts have unique name --- .github/workflows/Test_installation_assistant.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 8709180..7a4d24c 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -29,7 +29,7 @@ on: required: true default: '4.10.0' SYSTEMS: - description: 'Operating Systems' + description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true default: '["CentOS_7", "CentOS_8", "AmazonLinux_2", "Ubuntu_16", "Ubuntu_18", "Ubuntu_20", "Ubuntu_22", "RHEL7", "RHEL8"]' type: string @@ -68,7 +68,7 @@ jobs: run-test: runs-on: ubuntu-latest strategy: - fail-fast: false # If a job fails, the rest of jobs will not be cancelled + fail-fast: false # If a job fails, the rest of jobs will not be canceled matrix: system: ${{ fromJson(inputs.SYSTEMS) }} @@ -201,7 +201,7 @@ jobs: if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false uses: actions/upload-artifact@v4 with: - name: allocator-instance + name: allocator-instance-${{ matrix.system }} path: ${{ env.ALLOCATOR_PATH }}.zip - name: Delete allocated VM From d4afdaf1fc266a2d8cdf2ebabc950387747d6a9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 5 Sep 2024 09:37:53 +0200 Subject: [PATCH 041/126] Deleted tier workflow --- .../Test_installation_assistant_tier.yml | 84 ------------------- 1 file changed, 84 deletions(-) delete mode 100644 .github/workflows/Test_installation_assistant_tier.yml diff --git a/.github/workflows/Test_installation_assistant_tier.yml b/.github/workflows/Test_installation_assistant_tier.yml deleted file mode 100644 index 32170b0..0000000 --- a/.github/workflows/Test_installation_assistant_tier.yml +++ /dev/null @@ -1,84 +0,0 @@ -run-name: (Tier) Test installation assistant - Launched by @${{ github.actor }} -name: (Tier) Test installation assistant - -on: - workflow_dispatch: - inputs: - REPOSITORY: - description: 'Repository environment' - required: true - default: 'pre-release' - type: choice - options: - - staging - - pre-release - AUTOMATION_REFERENCE: - description: 'wazuh-automation reference' - required: true - default: 'v4.10.0' - CentOS_7: - description: 'CentOS 7' - required: true - default: false - type: boolean - CentOS_8: - description: 'CentOS 8' - required: true - default: true - type: boolean - Amazon_Linux_2: - description: 'Amazon Linux 2' - required: true - default: false - type: boolean - Ubuntu_16: - description: 'Ubuntu 16' - required: true - default: false - type: boolean - Ubuntu_18: - description: 'Ubuntu 18' - required: true - default: false - type: boolean - Ubuntu_20: - description: 'Ubuntu 20' - required: true - default: false - type: boolean - Ubuntu_22: - description: 'Ubuntu 22' - required: true - default: false - type: boolean - RHEL_7: - description: 'RHEL 7' - required: true - default: false - type: boolean - RHEL_8: - description: 'RHEL 8' - required: true - default: false - type: boolean - DEBUG: - description: 'Debug mode' - required: true - default: false - type: boolean - DESTROY: - description: 'Destroy instances after run' - required: true - default: true - type: boolean - -env: - LABEL: ubuntu-latest - -jobs: - launch-tests: - runs-on: $LABEL - - steps: - - name: Set up Git - uses: actions/checkout@v3 From bddc22854d7b897127f080b10b48c162d2f9f49b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 9 Sep 2024 13:48:25 +0200 Subject: [PATCH 042/126] Added provision and deletion of instances --- ...est_installation_assistant_distributed.yml | 205 ++++++++++++++++-- 1 file changed, 192 insertions(+), 13 deletions(-) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index b2d91aa..06b169b 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -1,5 +1,5 @@ -run-name: (Distributed) Test installation assistant - Launched by @${{ github.actor }} -name: (Distributed) Test installation assistant +run-name: (Distributed) Test installation assistant - ${{ github.run_id }} - ${{ inputs.SYSTEMS }} - Launched by @${{ github.actor }} +name: (Distributed) Test installation assistant on: pull_request: @@ -21,14 +21,28 @@ on: - staging - pre-release AUTOMATION_REFERENCE: - description: 'wazuh-automation reference' + description: 'Branch or tag of the wazuh-automation repository' required: true - default: 'v4.10.0' - DEBUG: - description: 'Debug mode' + default: '4.10.0' + ASSISTANT_REFERENCE: + description: 'Branch or tag of the wazuh-installation-assistant repository' required: true - default: false - type: boolean + default: '4.10.0' + SYSTEMS: + description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' + required: true + default: '["CentOS_8", "AmazonLinux_2","Ubuntu_22", "RHEL8"]' + type: string + VERBOSITY: + description: 'Verbosity level on playbooks execution' + required: true + default: '-v' + type: choice + options: + - -v + - -vv + - -vvv + - -vvvv DESTROY: description: 'Destroy instances after run' required: true @@ -36,12 +50,177 @@ on: type: boolean env: - LABEL: ubuntu-latest + COMPOSITE_NAME: "linux-SUBNAME-amd64" + SESSION_NAME: "Installation-Assistant-Test" + REGION: "us-east-1" + TMP_PATH: "/tmp/test" + LOGS_PATH: "${{ github.workspace }}/assistant_logs" + PKG_REPOSITORY: "${{ inputs.REPOSITORY }}" + TEST_NAME: "test_assistant_distributed" + REPOSITORY_URL: "${{ github.server_url }}/${{ github.repository }}.git" + ALLOCATOR_PATH: "/tmp/allocator_instance" + INSTANCE_NAMES: "instance_1 instance_2 instance_3" + +permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout jobs: - initialize-environment: - runs-on: $LABEL + run-test: + runs-on: ubuntu-latest + strategy: + fail-fast: false # If a job fails, the rest of jobs will not be canceled + matrix: + system: ${{ fromJson(inputs.SYSTEMS) }} steps: - - name: Set up Git - uses: actions/checkout@v3 + - name: Checkout code + uses: actions/checkout@v4 + + - name: View parameters + run: echo "${{ toJson(inputs) }}" + + - name: Set COMPOSITE_NAME variable + run: | + case "${{ matrix.system }}" in + "CentOS_7") + SUBNAME="centos-7" + ;; + "CentOS_8") + SUBNAME="centos-8" + ;; + "AmazonLinux_2") + SUBNAME="amazon-2" + ;; + "Ubuntu_16") + SUBNAME="ubuntu-16.04" + ;; + "Ubuntu_18") + SUBNAME="ubuntu-18.04" + ;; + "Ubuntu_20") + SUBNAME="ubuntu-20.04" + ;; + "Ubuntu_22") + SUBNAME="ubuntu-22.04" + ;; + "RHEL7") + SUBNAME="redhat-7" + ;; + "RHEL8") + SUBNAME="redhat-8" + ;; + *) + echo "Invalid SYSTEM selection" >&2 + exit 1 + ;; + esac + COMPOSITE_NAME="${COMPOSITE_NAME/SUBNAME/$SUBNAME}" + echo "COMPOSITE_NAME=$COMPOSITE_NAME" >> $GITHUB_ENV + + - name: Install Ansible + run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 + + - name: Set up AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.AWS_IAM_ROLE }} + role-session-name: ${{ env.SESSION_NAME }} + aws-region: ${{ env.REGION }} + + - name: Checkout wazuh/wazuh-automation repository + uses: actions/checkout@v4 + with: + repository: wazuh/wazuh-automation + ref: ${{ inputs.AUTOMATION_REFERENCE }} + token: ${{ secrets.GH_CLONE_TOKEN }} + path: wazuh-automation + + - name: Install and set allocator requirements + run: pip3 install -r wazuh-automation/deployability/deps/requirements.txt + + - name: Allocate instances and create inventory + id: allocator_instance + run: | + instance_names=($INSTANCE_NAMES) + inventory_file="$ALLOCATOR_PATH/inventory" + inventory_indexers="$ALLOCATOR_PATH/inventory_indexers" + inventory_managers="$ALLOCATOR_PATH/inventory_managers" + inventory_dashboards="$ALLOCATOR_PATH/inventory_dashboards" + inventory_common="$ALLOCATOR_PATH/inventory_common" + inventory_file="$ALLOCATOR_PATH/inventory" + + mkdir -p $ALLOCATOR_PATH + echo "[indexers]" > $inventory_indexers + echo "[managers]" > $inventory_managers + echo "[dashboards]" > $inventory_dashboards + echo "[all:vars]" > $inventory_common + + for i in ${!instance_names[@]}; do + instance_name=${instance_names[$i]} + # Provision instance in parallel + ( + python3 wazuh-automation/deployability/modules/allocation/main.py \ + --action create --provider aws --size large \ + --composite-name ${{ env.COMPOSITE_NAME }} \ + --working-dir $ALLOCATOR_PATH --track-output $ALLOCATOR_PATH/track_${instance_name}.yml \ + --inventory-output $ALLOCATOR_PATH/inventory_${instance_name}.yml \ + --instance-name gha_${{ github.run_id }}_${{ env.TEST_NAME }}_${instance_name} --label-team devops --label-termination-date 1d + + # Modify inventory for Ansible + sed 's/: */=/g' $ALLOCATOR_PATH/inventory_${instance_name}.yml > $ALLOCATOR_PATH/inventory_mod_${instance_name}.yml + sed -i 's/-o StrictHostKeyChecking=no/\"-o StrictHostKeyChecking=no\"/g' $ALLOCATOR_PATH/inventory_mod_${instance_name}.yml + source $ALLOCATOR_PATH/inventory_mod_${instance_name}.yml + + # Add instance to corresponding group + if [[ $i -eq 0 ]]; then + echo "indexer1 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers + echo "master ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=master" >> $inventory_managers + + echo "ansible_user=$ansible_user" >> $inventory_common + echo "ansible_port=$ansible_port" >> $inventory_common + echo "ansible_ssh_common_args='$ansible_ssh_common_args'" >> $inventory_common + elif [[ $i -eq 1 ]]; then + echo "indexer2 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers + echo "worker1 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker" >> $inventory_managers + else + echo "indexer3 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers + echo "worker2 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker" >> $inventory_managers + echo "dashboard ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_dashboards + fi + ) & + done + + # Wait for all provisioning tasks to complete + wait + + # Combine the temporary inventories into one + cat $inventory_indexers > $inventory_file + cat $inventory_managers >> $inventory_file + cat $inventory_dashboards >> $inventory_file + cat $inventory_common >> $inventory_file + + + cat $inventory_file + + - name: Delete allocated VMs + if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true + run: | + instance_names=($INSTANCE_NAMES) + + for i in ${!instance_names[@]}; do + instance_name=${instance_names[$i]} + track_file="$ALLOCATOR_PATH/track_${instance_name}.yml" + + echo "Deleting instance: $instance_name using track file $track_file" + + ( + # Delete instance + python3 wazuh-automation/deployability/modules/allocation/main.py \ + --action delete --provider aws --track-output $track_file + ) & + done + + # Wait for all deletion tasks to complete + wait + From 758dda9ffd22ab3e74e31b36186260b0d026a132 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 9 Sep 2024 16:41:00 +0200 Subject: [PATCH 043/126] Added private IP capture --- ...est_installation_assistant_distributed.yml | 22 +++++++++++-------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 06b169b..36f57bd 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -167,26 +167,31 @@ jobs: --inventory-output $ALLOCATOR_PATH/inventory_${instance_name}.yml \ --instance-name gha_${{ github.run_id }}_${{ env.TEST_NAME }}_${instance_name} --label-team devops --label-termination-date 1d - # Modify inventory for Ansible + instance_id=$(grep '^identifier' $ALLOCATOR_PATH/track_${instance_name}.yml | awk '{print $2}') + private_ip=$(aws ec2 describe-instances \ + --instance-ids $instance_id \ + --query 'Reservations[*].Instances[*].PrivateIpAddress' \ + --output text) + sed 's/: */=/g' $ALLOCATOR_PATH/inventory_${instance_name}.yml > $ALLOCATOR_PATH/inventory_mod_${instance_name}.yml sed -i 's/-o StrictHostKeyChecking=no/\"-o StrictHostKeyChecking=no\"/g' $ALLOCATOR_PATH/inventory_mod_${instance_name}.yml source $ALLOCATOR_PATH/inventory_mod_${instance_name}.yml # Add instance to corresponding group if [[ $i -eq 0 ]]; then - echo "indexer1 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers - echo "master ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=master" >> $inventory_managers + echo "indexer1 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers + echo "master ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=master" >> $inventory_managers echo "ansible_user=$ansible_user" >> $inventory_common echo "ansible_port=$ansible_port" >> $inventory_common echo "ansible_ssh_common_args='$ansible_ssh_common_args'" >> $inventory_common elif [[ $i -eq 1 ]]; then - echo "indexer2 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers - echo "worker1 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker" >> $inventory_managers + echo "indexer2 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers + echo "worker1 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker" >> $inventory_managers else - echo "indexer3 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers - echo "worker2 ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker" >> $inventory_managers - echo "dashboard ansible_host=$ansible_host ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_dashboards + echo "indexer3 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers + echo "worker2 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker" >> $inventory_managers + echo "dashboard ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_dashboards fi ) & done @@ -199,7 +204,6 @@ jobs: cat $inventory_managers >> $inventory_file cat $inventory_dashboards >> $inventory_file cat $inventory_common >> $inventory_file - cat $inventory_file From e6fe051d717b7127ce8d31e8a3930cadb6e20ef9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 10 Sep 2024 10:45:38 +0200 Subject: [PATCH 044/126] Added certificates generation logic --- ...est_installation_assistant_distributed.yml | 14 ++++- .../distributed_generate_certificates.yml | 56 +++++++++++++++++++ .github/workflows/templates/config.j2 | 18 ++++++ 3 files changed, 86 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/ansible-playbooks/distributed_generate_certificates.yml create mode 100644 .github/workflows/templates/config.j2 diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 36f57bd..3086eac 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -204,8 +204,18 @@ jobs: cat $inventory_managers >> $inventory_file cat $inventory_dashboards >> $inventory_file cat $inventory_common >> $inventory_file - - cat $inventory_file + + - name: Execute certificates generation playbook + run: | + TEST_NAME="${{ env.TEST_NAME }}_certificates" + RESOURCES_PATH="${{ github.workspace }}" + ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \ + -i $ALLOCATOR_PATH/inventory \ + -e "resources_path=$RESOURCES_PATH" \ + -e "logs_path=$LOGS_PATH" \ + -e "test_name=$TEST_NAME" \ + -e "pkg_repository=$PKG_REPOSITORY" \ + "${{ inputs.VERBOSITY }}" - name: Delete allocated VMs if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true diff --git a/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml b/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml new file mode 100644 index 0000000..8d00600 --- /dev/null +++ b/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml @@ -0,0 +1,56 @@ +--- +- hosts: localhost + become: true + + vars: + test_name: "{{ test_name }}" + test_dir: "/{{ test_name }}" + logs_path: "{{ log_folder }}" + resources_path: "{{ resources_path }}" + pkg_repository: "{{ pkg_repository }}" + + tasks: + - name: Create log directory + file: + path: "{{ test_dir }}" + state: directory + + - name: Create log file + file: + dest: "{{ test_dir }}/{{ test_name }}.log" + state: touch + + - name: Create certificates + block: + - name: Rendering wazuh-config file + template: + src: "{{ resources_path }}/.github/workflows/templates/config.j2" + dest: "{{ resources_path }}/config.yml" + mode: "664" + force: yes + + - name: Creating wazuh-install.sh script + shell: "bash {{ resources_path }}/builder.sh -i -d {{ pkg_repository }}" + + - name: Creating Certificates + shell: "bash {{ resources_path }}/wazuh-install.sh -g -v" + register: certificates_install + + - name: Give read permissions to wazuh-install-files.tar + shell: "chmod +r {{ resources_path }}/wazuh-install-files.tar" + + always: + - name: Save output certificate build and creation + blockinfile: + marker: "" + path: "{{ test_dir }}/{{ test_name }}.log" + block: | + {{ certificates_install.stderr }} + -------------------------------- + {{ certificates_install.stdout }} + + - name: Fetch log + fetch: + src: "{{ test_dir }}/{{ test_name }}.log" + dest: "{{ logs_path }}/" + flat: yes diff --git a/.github/workflows/templates/config.j2 b/.github/workflows/templates/config.j2 new file mode 100644 index 0000000..44af40b --- /dev/null +++ b/.github/workflows/templates/config.j2 @@ -0,0 +1,18 @@ +nodes: + # Wazuh indexer nodes + indexer: +{% for indexer in groups['indexers'] %} + - name: {{ hostvars[indexer]['inventory_hostname'] }} + ip: "{{ hostvars[indexer]['private_ip'] }}" +{% endfor %} + server: +{% for manager in groups['managers'] %} + - name: {{ hostvars[manager]['inventory_hostname'] }} + ip: "{{ hostvars[manager]['private_ip'] }}" + node_type: "{{ hostvars[manager]['manager_type'] }}" +{% endfor %} + dashboard: +{% for dashboard in groups['dashboards'] %} + - name: {{ hostvars[dashboard]['inventory_hostname'] }} + ip: "{{ hostvars[dashboard]['private_ip'] }}" +{% endfor %} From 5fbb84fcf5a80a28400959dcb70c7b9d238f6da1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 10 Sep 2024 10:56:14 +0200 Subject: [PATCH 045/126] Added certificates generation logic --- ...Test_installation_assistant_distributed.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 3086eac..dc96551 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -205,6 +205,24 @@ jobs: cat $inventory_dashboards >> $inventory_file cat $inventory_common >> $inventory_file + - name: Execute provision playbook + run: | + INSTALL_DEPS=true + INSTALL_PYTHON=true + INSTALL_PIP_DEPS=true + + ansible-playbook .github/workflows/ansible-playbooks/provision.yml \ + -i $ALLOCATOR_PATH/inventory \ + -l indexers \ + -e "repository=$REPOSITORY_URL" \ + -e "reference=${{ inputs.ASSISTANT_REFERENCE }}" \ + -e "tmp_path=$TMP_PATH" \ + -e "pkg_repository=$PKG_REPOSITORY" \ + -e "install_deps=$INSTALL_DEPS" \ + -e "install_python=$INSTALL_PYTHON" \ + -e "install_pip_deps=$INSTALL_PIP_DEPS" \ + "${{ inputs.VERBOSITY }}" + - name: Execute certificates generation playbook run: | TEST_NAME="${{ env.TEST_NAME }}_certificates" From ca9051f0801ee72d6c33d705bd3a4ac854627ce4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 10 Sep 2024 11:05:53 +0200 Subject: [PATCH 046/126] Added certificates copy playbook execution --- .../Test_installation_assistant_distributed.yml | 12 +++++++++++- .../distributed_copy_certificates.yml | 12 ++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/ansible-playbooks/distributed_copy_certificates.yml diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index dc96551..8a7e64a 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -54,6 +54,7 @@ env: SESSION_NAME: "Installation-Assistant-Test" REGION: "us-east-1" TMP_PATH: "/tmp/test" + RESOURCES_PATH: "${{ github.workspace }}" LOGS_PATH: "${{ github.workspace }}/assistant_logs" PKG_REPOSITORY: "${{ inputs.REPOSITORY }}" TEST_NAME: "test_assistant_distributed" @@ -226,7 +227,6 @@ jobs: - name: Execute certificates generation playbook run: | TEST_NAME="${{ env.TEST_NAME }}_certificates" - RESOURCES_PATH="${{ github.workspace }}" ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \ -i $ALLOCATOR_PATH/inventory \ -e "resources_path=$RESOURCES_PATH" \ @@ -234,6 +234,16 @@ jobs: -e "test_name=$TEST_NAME" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" + + - name: Copy certificates to nodes + run: | + TEST_NAME="${{ env.TEST_NAME }}_copy_certificates" + ansible-playbook .github/workflows/ansible-playbooks/distributed_copy_certificates.yml \ + -i $ALLOCATOR_PATH/inventory \ + -l indexers \ + -e "tmp_path=$TMP_PATH" \ + -e "resources_path=$RESOURCES_PATH" \ + "${{ inputs.VERBOSITY }}" - name: Delete allocated VMs if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true diff --git a/.github/workflows/ansible-playbooks/distributed_copy_certificates.yml b/.github/workflows/ansible-playbooks/distributed_copy_certificates.yml new file mode 100644 index 0000000..083b8f4 --- /dev/null +++ b/.github/workflows/ansible-playbooks/distributed_copy_certificates.yml @@ -0,0 +1,12 @@ +--- + - hosts: all + gather_facts: false + tasks: + - name: Copying the wazuh-install-files.tar to the instances + copy: + src: "{{ resources_path }}/wazuh-install-files.tar" + dest: "{{ tmp_path }}/" + force: yes + remote_src: no + become: yes + become_user: root From 48bb2b86eb29ac381e754a2c250dd7ebe1e0f9f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 10 Sep 2024 11:20:14 +0200 Subject: [PATCH 047/126] Added indexer install playbook execution --- ...est_installation_assistant_distributed.yml | 11 +++++ .../distributed_install_indexer.yml | 44 +++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 .github/workflows/ansible-playbooks/distributed_install_indexer.yml diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 8a7e64a..891f40b 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -245,6 +245,17 @@ jobs: -e "resources_path=$RESOURCES_PATH" \ "${{ inputs.VERBOSITY }}" + - name: Execute indexer installation playbook + run: | + TEST_NAME="${{ env.TEST_NAME }}_indexer" + ansible-playbook .github/workflows/ansible-playbooks/distributed_install_indexer.yml \ + -i $ALLOCATOR_PATH/inventory \ + -l indexers \ + -e "tmp_path=$TMP_PATH" \ + -e "logs_path=$LOGS_PATH" \ + -e "test_name=$TEST_NAME" \ + "${{ inputs.VERBOSITY }}" + - name: Delete allocated VMs if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true run: | diff --git a/.github/workflows/ansible-playbooks/distributed_install_indexer.yml b/.github/workflows/ansible-playbooks/distributed_install_indexer.yml new file mode 100644 index 0000000..7f41bd7 --- /dev/null +++ b/.github/workflows/ansible-playbooks/distributed_install_indexer.yml @@ -0,0 +1,44 @@ +--- + - hosts: all + gather_facts: false + become: true + + vars: + test_name: "{{ test_name }}" + test_dir: "/{{ test_name }}" + logs_path: "{{ logs_path }}" + + tasks: + + - name: Create log directory + file: + path: "{{ test_dir }}" + state: directory + + - name: Create log file + file: + dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + state: touch + + - name: Install Wazuh indexer + block: + - name: Install Wazuh indexer + command: "bash {{ tmp_path }}/wazuh-install.sh -wi {{ inventory_hostname }} -v" + register: indexer + + always: + + - name: Save output Wazuh indexer + blockinfile: + marker: "" + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + block: | + {{ indexer.stderr }} + -------------------------------- + {{ indexer.stdout }} + + - name: Fetch log + fetch: + src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + dest: "{{ logs_path }}/" + flat: yes From ddbadbca4e20b5b6da28a8a425716eef9be738e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 10 Sep 2024 11:34:12 +0200 Subject: [PATCH 048/126] Added server playbook and task in distributed workflow --- ...est_installation_assistant_distributed.yml | 11 +++++ .../distributed_install_wazuh.yml | 44 +++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 .github/workflows/ansible-playbooks/distributed_install_wazuh.yml diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 891f40b..b1ca31f 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -255,6 +255,17 @@ jobs: -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" + + - name: Execute server installation playbook + run: | + TEST_NAME="${{ env.TEST_NAME }}_server" + ansible-playbook .github/workflows/ansible-playbooks/distributed_install_wazuh.yml \ + -i $ALLOCATOR_PATH/inventory \ + -l managers \ + -e "tmp_path=$TMP_PATH" \ + -e "logs_path=$LOGS_PATH" \ + -e "test_name=$TEST_NAME" \ + "${{ inputs.VERBOSITY }}" - name: Delete allocated VMs if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true diff --git a/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml b/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml new file mode 100644 index 0000000..a116940 --- /dev/null +++ b/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml @@ -0,0 +1,44 @@ +--- +- hosts: all + gather_facts: false + become: true + + vars: + test_name: "{{ test_name }}" + tmp_path: "{{ tmp_path }}" + test_dir: "/{{ test_name }}" + logs_path: "{{ logs_path }}" + + tasks: + - name: Create log directory + file: + path: "{{ test_dir }}" + state: directory + + - name: Create log file + file: + dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + state: touch + + - name: Install Wazuh + block: + + - name: Install Wazuh server + command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v" + register: wazuh + + always: + + - name: Save output Wazuh + blockinfile: + marker: "" + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + block: | + {{ wazuh.stderr }} + -------------------------------- + {{ wazuh.stdout }} + - name: Fetch log + fetch: + src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + dest: "{{ logs_path }}/" + flat: yes \ No newline at end of file From d70f8260e34738bdc6371a029302cf4f7e42e6f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 10 Sep 2024 11:35:18 +0200 Subject: [PATCH 049/126] Added dashboard install playbook execution --- ...est_installation_assistant_distributed.yml | 11 +++++ .../distributed_install_dashboard.yml | 46 +++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 .github/workflows/ansible-playbooks/distributed_install_dashboard.yml diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index b1ca31f..56ddcae 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -266,6 +266,17 @@ jobs: -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" + + - name: Execute dashboard installation playbook + run: | + TEST_NAME="${{ env.TEST_NAME }}_dashboard" + ansible-playbook .github/workflows/ansible-playbooks/distributed_install_dashboard.yml \ + -i $ALLOCATOR_PATH/inventory \ + -l dashboards \ + -e "tmp_path=$TMP_PATH" \ + -e "logs_path=$LOGS_PATH" \ + -e "test_name=$TEST_NAME" \ + "${{ inputs.VERBOSITY }}" - name: Delete allocated VMs if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true diff --git a/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml b/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml new file mode 100644 index 0000000..691e17a --- /dev/null +++ b/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml @@ -0,0 +1,46 @@ +--- +- hosts: all + gather_facts: false + become: true + + vars: + test_name: "{{ test_name }}" + test_dir: "/{{ test_name }}" + tmp_path: "{{ tmp_path }}" + logs_path: "{{ logs_path }}" + + tasks: + - name: Create log directory + file: + path: "{{ test_dir }}" + state: directory + + - name: Create log file + file: + dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + state: touch + + - name: Install Wazuh dashboard + block: + + - name: Install Wazuh dashboard + command: "bash wazuh-install.sh -wd {{ inventory_hostname }} -v" + args: + chdir: "{{ tmp_path }}" + register: dashboard + + always: + + - name: Save output Wazuh dashboard + blockinfile: + marker: "" + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + block: | + {{ dashboard.stderr }} + -------------------------------- + {{ dashboard.stdout }} + - name: Fetch log + fetch: + src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + dest: "{{ logs_path }}/" + flat: yes \ No newline at end of file From cc14906e99fd80f73d4ac0ef09d25f945e376e41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 10 Sep 2024 11:54:38 +0200 Subject: [PATCH 050/126] Added indexer cluster start playbook execution --- ...est_installation_assistant_distributed.yml | 11 +++++ .../distributed_start_indexer_cluster.yml | 49 +++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 .github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 56ddcae..afff1c4 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -266,6 +266,17 @@ jobs: -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" + + - name: Execute indexer cluster start playbook + run: | + TEST_NAME="${{ env.TEST_NAME }}_start_cluster" + ansible-playbook .github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml \ + -i $ALLOCATOR_PATH/inventory \ + -l indexers \ + -e "tmp_path=$TMP_PATH" \ + -e "logs_path=$LOGS_PATH" \ + -e "test_name=$TEST_NAME" \ + "${{ inputs.VERBOSITY }}" - name: Execute dashboard installation playbook run: | diff --git a/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml b/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml new file mode 100644 index 0000000..12506bd --- /dev/null +++ b/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml @@ -0,0 +1,49 @@ +--- +- hosts: all + gather_facts: false + become: true + + vars: + test_name: "{{ test_name }}" + test_dir: "/{{ test_name }}" + tmp_path: "{{ tmp_path }}" + logs_path: "{{ logs_path }}" + + tasks: + - name: Start Wazuh indexer cluster in just one node + block: + - name: Create log directory + file: + path: "{{ test_dir }}" + state: directory + + - name: Create log file + file: + dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + state: touch + + - name: Start cluster + block: + + - name: Start Wazuh indexer cluster + command: "bash {{ tmp_path }}/wazuh-install.sh -s -v" + register: cluster + + always: + + - name: Save output start cluster + blockinfile: + marker: "" + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + block: | + {{ cluster.stderr }} + -------------------------------- + {{ cluster.stdout }} + + - name: Fetch log + fetch: + src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + dest: "{{ logs_path }}/" + flat: yes + when: inventory_hostname == ansible_play_hosts[0] + From b0ff7f4192333e2dbdb32d99f21ebb4320ba6368 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 10 Sep 2024 12:31:32 +0200 Subject: [PATCH 051/126] Changed indexer cluster playbook execution order --- ...Test_installation_assistant_distributed.yml | 18 ++++++++++-------- .../distributed_start_indexer_cluster.yml | 1 - 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index afff1c4..e7c9c5e 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -256,23 +256,25 @@ jobs: -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - - name: Execute server installation playbook + - name: Execute indexer cluster start playbook run: | - TEST_NAME="${{ env.TEST_NAME }}_server" - ansible-playbook .github/workflows/ansible-playbooks/distributed_install_wazuh.yml \ + TEST_NAME="${{ env.TEST_NAME }}_start_cluster" + INDEXER_ADMIN_PASSWORD="admin" + ansible-playbook .github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml \ -i $ALLOCATOR_PATH/inventory \ - -l managers \ + -l indexers \ -e "tmp_path=$TMP_PATH" \ -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ + -e "indexer_admin_password=$INDEXER_ADMIN_PASSWORD" \ "${{ inputs.VERBOSITY }}" - - name: Execute indexer cluster start playbook + - name: Execute server installation playbook run: | - TEST_NAME="${{ env.TEST_NAME }}_start_cluster" - ansible-playbook .github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml \ + TEST_NAME="${{ env.TEST_NAME }}_server" + ansible-playbook .github/workflows/ansible-playbooks/distributed_install_wazuh.yml \ -i $ALLOCATOR_PATH/inventory \ - -l indexers \ + -l managers \ -e "tmp_path=$TMP_PATH" \ -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ diff --git a/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml b/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml index 12506bd..4c94f8a 100644 --- a/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml +++ b/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml @@ -24,7 +24,6 @@ - name: Start cluster block: - - name: Start Wazuh indexer cluster command: "bash {{ tmp_path }}/wazuh-install.sh -s -v" register: cluster From d89b91c9eb34be50e76dd1ea913ff460fb447354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 11 Sep 2024 14:23:40 +0200 Subject: [PATCH 052/126] Fixed manager check in distributed deployment --- install_functions/manager.sh | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/install_functions/manager.sh b/install_functions/manager.sh index edc7bd5..6c7c429 100644 --- a/install_functions/manager.sh +++ b/install_functions/manager.sh @@ -44,12 +44,20 @@ function manager_startCluster() { function manager_checkService() { common_logger "Checking Wazuh API connection" - token_command="curl -k -s -X POST -u \"wazuh-wui:wazuh-wui\" https://127.0.0.1:55000/security/user/authenticate/run_as?raw=true -d '{\"user_name\":\"wzread\"}' -H \"content-type:application/json\"" + api_password="wazuh-wui" + token_command="curl -k -s -X POST -u \"wazuh-wui:${api_password}\" https://127.0.0.1:55000/security/user/authenticate/run_as?raw=true -d '{\"user_name\":\"wzread\"}' -H \"content-type:application/json\"" TOKEN=$(eval "${token_command}") - - max_attempts=5 + + # Change curl credentials in case the master node has changed the passwords + if [[ "${TOKEN}" =~ "Invalid credentials" && "${server_node_types[pos]}" == "worker" ]]; then + api_password=$(tar -axf "${tar_file}" wazuh-install-files/wazuh-passwords.txt -O | grep -P "'wazuh-wui'" -A 1 | awk 'NR==2 { print $2 }' | sed "s/'//g") + token_command="curl -k -s -X POST -u \"wazuh-wui:${api_password}\" https://127.0.0.1:55000/security/user/authenticate/run_as?raw=true -d '{\"user_name\":\"wzread\"}' -H \"content-type:application/json\"" + TOKEN=$(eval "${token_command}") + fi + + max_attempts=15 attempt=0 - seconds=3 + seconds=5 while [[ -z "${TOKEN}" && "${attempt}" -lt "${max_attempts}" ]]; do attempt=$((attempt+1)) From e41f764c92ea615687dfd353673546ebef1eef6a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 11 Sep 2024 15:34:00 +0200 Subject: [PATCH 053/126] Updated CHANGELOG for #52 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7fe0fd6..baab317 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ All notable changes to this project will be documented in this file. - Fixed Wazuh API validation ([#29](https://github.com/wazuh/wazuh-installation-assistant/pull/29)) - Fixed token variable empty in Wazuh manager check ([#45](https://github.com/wazuh/wazuh-installation-assistant/pull/45)) +- Fixed manager check in distributed deploymentn ([#52](https://github.com/wazuh/wazuh-installation-assistant/pull/52)) ## [4.9.1] From 49e096deabb245985e4c9d6c03136e37552f7f6e Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Wed, 11 Sep 2024 18:25:36 +0200 Subject: [PATCH 054/126] Fix bug when changing the Filebeat URL --- builder.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/builder.sh b/builder.sh index f007604..632a546 100755 --- a/builder.sh +++ b/builder.sh @@ -86,6 +86,7 @@ function buildInstaller() { echo 'readonly repository="4.x"' >> "${output_script_path}" fi echo >> "${output_script_path}" + checkFilebeatURL grep -Ev '^#|^\s*$' ${resources_common}/commonVariables.sh >> "${output_script_path}" grep -Ev '^#|^\s*$' ${resources_installer}/installVariables.sh >> "${output_script_path}" echo >> "${output_script_path}" @@ -132,9 +133,6 @@ function buildInstaller() { ## Main function and call to it echo >> "${output_script_path}" echo "main \"\$@\"" >> "${output_script_path}" - - checkFilebeatURL - } function buildPasswordsTool() { @@ -309,7 +307,10 @@ function checkDistDetectURL() { function checkFilebeatURL() { # Import variables - eval "$(grep -E "filebeat_wazuh_template=" "${resources_installer}/installVariables.sh")" + eval "$(grep -E "wazuh_version=" "${resources_installer}/installVariables.sh")" + eval "$(grep -E "source_branch=" "${resources_installer}/installVariables.sh" | sed 's/source_branch=/install_variables_source_branch=/')" + eval "$(grep -E "filebeat_wazuh_template=" "${resources_installer}/installVariables.sh" | sed "s/\${source_branch}/$install_variables_source_branch/")" + new_filebeat_url="https://raw.githubusercontent.com/wazuh/wazuh/master/extensions/elasticsearch/7.x/wazuh-template.json" # Get the response of the URL and check it From 4f42cc17739ae7baeb58239609a7032f489f0b47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 12 Sep 2024 08:58:59 +0200 Subject: [PATCH 055/126] Fixed typo in CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index baab317..e9edcd2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,7 +11,7 @@ All notable changes to this project will be documented in this file. - Fixed Wazuh API validation ([#29](https://github.com/wazuh/wazuh-installation-assistant/pull/29)) - Fixed token variable empty in Wazuh manager check ([#45](https://github.com/wazuh/wazuh-installation-assistant/pull/45)) -- Fixed manager check in distributed deploymentn ([#52](https://github.com/wazuh/wazuh-installation-assistant/pull/52)) +- Fixed manager check in distributed deployment ([#52](https://github.com/wazuh/wazuh-installation-assistant/pull/52)) ## [4.9.1] From 0f7bb3a1cf85d943b1914983c7561ca52a2684da Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Thu, 12 Sep 2024 11:10:38 +0200 Subject: [PATCH 056/126] Add builder condition to use tag when testing a pre-release --- builder.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/builder.sh b/builder.sh index f007604..c5ba5e1 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="4.10.0" +source_branch="v4.10.0" function getHelp() { @@ -48,8 +48,6 @@ function getHelp() { function buildInstaller() { - checkDistDetectURL - output_script_path="${base_path_builder}/wazuh-install.sh" ## Create installer script @@ -76,7 +74,10 @@ function buildInstaller() { echo 'readonly filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz"' >> "${output_script_path}" echo 'readonly bucket="packages-dev.wazuh.com"' >> "${output_script_path}" echo 'readonly repository="'"${devrepo}"'"' >> "${output_script_path}" - sed -i 's|v${wazuh_version}|${wazuh_version}|g' "${resources_installer}/installVariables.sh" + if [[ ! $(grep -E "source_branch=" "${resources_installer}/installVariables.sh" | sed -E 's/.*source_branch="([^"]+)"/\1/') =~ "-" ]]; then + sed -i 's|v${wazuh_version}|${wazuh_version}|g' "${resources_installer}/installVariables.sh" + pre_release_tag=1 + fi else echo 'readonly repogpg="https://packages.wazuh.com/key/GPG-KEY-WAZUH"' >> "${output_script_path}" echo 'readonly repobaseurl="https://packages.wazuh.com/4.x"' >> "${output_script_path}" @@ -116,6 +117,7 @@ function buildInstaller() { done ## dist-detect.sh + checkDistDetectURL echo "function dist_detect() {" >> "${output_script_path}" curl -s "https://raw.githubusercontent.com/wazuh/wazuh/${source_branch}/src/init/dist-detect.sh" | sed '/^#/d' >> "${output_script_path}" echo "}" >> "${output_script_path}" @@ -267,7 +269,7 @@ function builder_main() { if [ -n "${change_filebeat_url}" ]; then sed -i -E "s|(https.+)master(.+wazuh-template.json)|\1\\$\\{source_branch\\}\2|" "${resources_installer}/installVariables.sh" fi - if [ -n "${development}" ]; then + if [[ -n "${development}" && -n "${pre_release_tag}" ]]; then sed -i 's|${wazuh_version}|v${wazuh_version}|g' "${resources_installer}/installVariables.sh" fi fi @@ -286,7 +288,6 @@ function builder_main() { function checkDistDetectURL() { urls=("https://raw.githubusercontent.com/wazuh/wazuh/${source_branch}/src/init/dist-detect.sh" - "https://raw.githubusercontent.com/wazuh/wazuh/v${source_branch}/src/init/dist-detect.sh" "https://raw.githubusercontent.com/wazuh/wazuh/master/src/init/dist-detect.sh") for url in "${urls[@]}"; do From 91e970f9bfe72566af4e9ac5fb783bddf20060b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 13 Sep 2024 09:57:27 +0200 Subject: [PATCH 057/126] Changed TOKEN obtaining order --- install_functions/manager.sh | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/install_functions/manager.sh b/install_functions/manager.sh index 6c7c429..e20b9dc 100644 --- a/install_functions/manager.sh +++ b/install_functions/manager.sh @@ -44,10 +44,23 @@ function manager_startCluster() { function manager_checkService() { common_logger "Checking Wazuh API connection" + + max_attempts=15 + attempt=0 + seconds=5 api_password="wazuh-wui" token_command="curl -k -s -X POST -u \"wazuh-wui:${api_password}\" https://127.0.0.1:55000/security/user/authenticate/run_as?raw=true -d '{\"user_name\":\"wzread\"}' -H \"content-type:application/json\"" TOKEN=$(eval "${token_command}") + # Wait for the API to be ready + while [[ -z "${TOKEN}" && "${attempt}" -lt "${max_attempts}" ]]; do + attempt=$((attempt+1)) + common_logger "Attempt $attempt: Checking the Wazuh API to be ready" + sleep "${seconds}" + TOKEN=$(eval "${token_command}") + done + common_logger "Wazuh API is ready to receive requests." + # Change curl credentials in case the master node has changed the passwords if [[ "${TOKEN}" =~ "Invalid credentials" && "${server_node_types[pos]}" == "worker" ]]; then api_password=$(tar -axf "${tar_file}" wazuh-install-files/wazuh-passwords.txt -O | grep -P "'wazuh-wui'" -A 1 | awk 'NR==2 { print $2 }' | sed "s/'//g") @@ -55,17 +68,6 @@ function manager_checkService() { TOKEN=$(eval "${token_command}") fi - max_attempts=15 - attempt=0 - seconds=5 - - while [[ -z "${TOKEN}" && "${attempt}" -lt "${max_attempts}" ]]; do - attempt=$((attempt+1)) - common_logger "Attempt $attempt: Trying to get Wazuh API token" - sleep "${seconds}" - TOKEN=$(eval "${token_command}") - done - if [[ -z "${TOKEN}" ]]; then common_logger -e "Failed to obtain Wazuh API token after $max_attempts attempts." installCommon_rollBack From 12d7a37ecbdf5302b99f21a074d747779a8837a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 13 Sep 2024 10:12:48 +0200 Subject: [PATCH 058/126] Updated CHANGELOG for #57 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e9edcd2..8818f81 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ All notable changes to this project will be documented in this file. - Fixed Wazuh API validation ([#29](https://github.com/wazuh/wazuh-installation-assistant/pull/29)) - Fixed token variable empty in Wazuh manager check ([#45](https://github.com/wazuh/wazuh-installation-assistant/pull/45)) - Fixed manager check in distributed deployment ([#52](https://github.com/wazuh/wazuh-installation-assistant/pull/52)) +- Changed command order execution to get the TOKEN ([#57](https://github.com/wazuh/wazuh-installation-assistant/pull/57)) ## [4.9.1] From b29e4e5b36f9d27514045e51f566498a9b369ae4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 13 Sep 2024 10:47:02 +0200 Subject: [PATCH 059/126] Workers wait master node to be installed --- .../distributed_install_wazuh.yml | 45 ++++++++++++++----- 1 file changed, 35 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml b/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml index a116940..26a5fae 100644 --- a/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml +++ b/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml @@ -8,6 +8,10 @@ tmp_path: "{{ tmp_path }}" test_dir: "/{{ test_name }}" logs_path: "{{ logs_path }}" + master_ip: "{{ hostvars[groups['managers'] | select('match', 'master') | first]['private_ip'] }}" + check_port: 55000 + retries: 10 + delay: 30 tasks: - name: Create log directory @@ -20,16 +24,39 @@ dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" state: touch - - name: Install Wazuh + - name: Install Wazuh server on master block: - - - name: Install Wazuh server + - name: Install Wazuh server (Master) command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v" register: wazuh + + - name: Save Wazuh installation log (Master) + blockinfile: + marker: "" + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + block: | + {{ wazuh.stderr }} + -------------------------------- + {{ wazuh.stdout }} + when: hostvars[inventory_hostname].manager_type == 'master' - always: + - name: Install Wazuh server on worker nodes + block: + - name: Wait for Wazuh master to be ready on port {{ check_port }} + wait_for: + host: "{{ master_ip }}" + port: "{{ check_port }}" + delay: "{{ delay }}" + timeout: 300 + when: hostvars[inventory_hostname].manager_type == 'worker' + async: 500 + poll: 5 - - name: Save output Wazuh + - name: Install Wazuh server (Workers) + command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v" + register: wazuh + + - name: Save Wazuh installation log (Workers) blockinfile: marker: "" path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" @@ -37,8 +64,6 @@ {{ wazuh.stderr }} -------------------------------- {{ wazuh.stdout }} - - name: Fetch log - fetch: - src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - dest: "{{ logs_path }}/" - flat: yes \ No newline at end of file + when: hostvars[inventory_hostname].manager_type == 'worker' + + From 7244372ad27bfc365cd4d2045f92057e9ebf6e9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 13 Sep 2024 15:36:34 +0200 Subject: [PATCH 060/126] Added distributed test playbook execution --- ...est_installation_assistant_distributed.yml | 17 ++- .../ansible-playbooks/distributed_tests.yml | 110 ++++++++++++++++++ 2 files changed, 124 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/ansible-playbooks/distributed_tests.yml diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index e7c9c5e..0ffc24a 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -181,17 +181,17 @@ jobs: # Add instance to corresponding group if [[ $i -eq 0 ]]; then echo "indexer1 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers - echo "master ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=master" >> $inventory_managers + echo "master ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=master instance_type=indexer_manager" >> $inventory_managers echo "ansible_user=$ansible_user" >> $inventory_common echo "ansible_port=$ansible_port" >> $inventory_common echo "ansible_ssh_common_args='$ansible_ssh_common_args'" >> $inventory_common elif [[ $i -eq 1 ]]; then echo "indexer2 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers - echo "worker1 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker" >> $inventory_managers + echo "worker1 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker instance_type=indexer_manager" >> $inventory_managers else echo "indexer3 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers - echo "worker2 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker" >> $inventory_managers + echo "worker2 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=worker instance_type=indexer_manager_dashboard" >> $inventory_managers echo "dashboard ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_dashboards fi ) & @@ -290,6 +290,17 @@ jobs: -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" + + - name: Execute Python test playbook + run: | + TEST_NAME="test_installation_assistant" + ansible-playbook .github/workflows/ansible-playbooks/distributed_tests.yml \ + -i $ALLOCATOR_PATH/inventory \ + -l managers \ + -e "tmp_path=$TMP_PATH" \ + -e "logs_path=$LOGS_PATH" \ + -e "test_name=$TEST_NAME" \ + "${{ inputs.VERBOSITY }}" - name: Delete allocated VMs if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true diff --git a/.github/workflows/ansible-playbooks/distributed_tests.yml b/.github/workflows/ansible-playbooks/distributed_tests.yml new file mode 100644 index 0000000..b3fbf54 --- /dev/null +++ b/.github/workflows/ansible-playbooks/distributed_tests.yml @@ -0,0 +1,110 @@ +--- +- hosts: all + gather_facts: false + become: true + + vars: + script_path: "{{ tmp_path }}/tests/install" + test_name: "{{ test_name }}" + script_name: "{{ test_name }}.py" + test_dir: "/{{ test_name }}" + logs_path: "{{ logs_path }}" + + tasks: + + - name: Create log directory + file: + path: "{{ test_dir }}" + state: directory + + - name: Create log file + file: + dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + state: touch + + - name: Test distributed master + block: + + - name: Execute tests Master + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh_cluster\"" + args: + chdir: "{{ script_path }}" + register: test_results_master + when: + - hostvars[inventory_hostname].manager_type == 'master' + + - name: Execute tests Workers + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh_worker\"" + args: + chdir: "{{ script_path }}" + register: test_results_worker + when: + - hostvars[inventory_hostname].manager_type == 'worker' + + - name: Execute tests indexer_manager + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or indexer or indexer_cluster\"" + args: + chdir: "{{ script_path }}" + register: test_results_indexer_manager + when: + - hostvars[inventory_hostname].instance_type == 'indexer_manager' + + - name: Execute tests indexer_manager_dashboard + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or indexer or indexer_cluster or dashboard\"" + args: + chdir: "{{ script_path }}" + register: test_results_indexer_manager_dashboard + when: + - hostvars[inventory_hostname].instance_type == 'indexer_manager_dashboard' + + always: + + - name: Save output Master + blockinfile: + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + marker: "" + block: | + {{ test_results_master.stderr }} + -------------------------------- + {{ test_results_master.stdout }} + when: + - hostvars[inventory_hostname].manager_type == 'master' + + - name: Save output Worker + blockinfile: + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + marker: "" + block: | + {{ test_results_worker.stderr }} + -------------------------------- + {{ test_results_worker.stdout }} + when: + - hostvars[inventory_hostname].manager_type == 'worker' + + - name: Save output indexer_manager + blockinfile: + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + marker: "" + block: | + {{ test_results_indexer_manager.stderr }} + -------------------------------- + {{ test_results_indexer_manager.stdout }} + when: + - hostvars[inventory_hostname].instance_type == 'indexer_manager' + + - name: Save output indexer_manager_dashboard + blockinfile: + path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + marker: "" + block: | + {{ test_results_indexer_manager_dashboard.stderr }} + -------------------------------- + {{ test_results_indexer_manager_dashboard.stdout }} + when: + - hostvars[inventory_hostname].instance_type == 'indexer_manager_dashboard' + + - name: Fetch logs + fetch: + src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" + dest: "{{ logs_path }}/" + flat: yes \ No newline at end of file From 008e2c7188e1dfa50b69a0cc5f55ddcb0126741f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 13 Sep 2024 16:23:38 +0200 Subject: [PATCH 061/126] Improving the playbooks output --- ...est_installation_assistant_distributed.yml | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 0ffc24a..0781347 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -54,6 +54,7 @@ env: SESSION_NAME: "Installation-Assistant-Test" REGION: "us-east-1" TMP_PATH: "/tmp/test" + ANSIBLE_CALLBACK: "yaml" RESOURCES_PATH: "${{ github.workspace }}" LOGS_PATH: "${{ github.workspace }}/assistant_logs" PKG_REPOSITORY: "${{ inputs.REPOSITORY }}" @@ -120,8 +121,8 @@ jobs: echo "COMPOSITE_NAME=$COMPOSITE_NAME" >> $GITHUB_ENV - name: Install Ansible - run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 - + run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 && pip install pyyaml && ansible-galaxy collection install community.general + - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -212,7 +213,7 @@ jobs: INSTALL_PYTHON=true INSTALL_PIP_DEPS=true - ansible-playbook .github/workflows/ansible-playbooks/provision.yml \ + ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/provision.yml \ -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "repository=$REPOSITORY_URL" \ @@ -227,7 +228,7 @@ jobs: - name: Execute certificates generation playbook run: | TEST_NAME="${{ env.TEST_NAME }}_certificates" - ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \ + ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \ -i $ALLOCATOR_PATH/inventory \ -e "resources_path=$RESOURCES_PATH" \ -e "logs_path=$LOGS_PATH" \ @@ -238,7 +239,7 @@ jobs: - name: Copy certificates to nodes run: | TEST_NAME="${{ env.TEST_NAME }}_copy_certificates" - ansible-playbook .github/workflows/ansible-playbooks/distributed_copy_certificates.yml \ + ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_copy_certificates.yml \ -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "tmp_path=$TMP_PATH" \ @@ -248,7 +249,7 @@ jobs: - name: Execute indexer installation playbook run: | TEST_NAME="${{ env.TEST_NAME }}_indexer" - ansible-playbook .github/workflows/ansible-playbooks/distributed_install_indexer.yml \ + ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_indexer.yml \ -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "tmp_path=$TMP_PATH" \ @@ -260,7 +261,7 @@ jobs: run: | TEST_NAME="${{ env.TEST_NAME }}_start_cluster" INDEXER_ADMIN_PASSWORD="admin" - ansible-playbook .github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml \ + ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml \ -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "tmp_path=$TMP_PATH" \ @@ -272,7 +273,7 @@ jobs: - name: Execute server installation playbook run: | TEST_NAME="${{ env.TEST_NAME }}_server" - ansible-playbook .github/workflows/ansible-playbooks/distributed_install_wazuh.yml \ + ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_wazuh.yml \ -i $ALLOCATOR_PATH/inventory \ -l managers \ -e "tmp_path=$TMP_PATH" \ @@ -283,7 +284,7 @@ jobs: - name: Execute dashboard installation playbook run: | TEST_NAME="${{ env.TEST_NAME }}_dashboard" - ansible-playbook .github/workflows/ansible-playbooks/distributed_install_dashboard.yml \ + ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_dashboard.yml \ -i $ALLOCATOR_PATH/inventory \ -l dashboards \ -e "tmp_path=$TMP_PATH" \ @@ -294,7 +295,7 @@ jobs: - name: Execute Python test playbook run: | TEST_NAME="test_installation_assistant" - ansible-playbook .github/workflows/ansible-playbooks/distributed_tests.yml \ + ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_tests.yml \ -i $ALLOCATOR_PATH/inventory \ -l managers \ -e "tmp_path=$TMP_PATH" \ From c2d44bbfa2fca66ce114a8e99d7d09a33f813f3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 16 Sep 2024 11:29:07 +0200 Subject: [PATCH 062/126] Added allocator info upload as artifact --- .../Test_installation_assistant_distributed.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 0781347..3487df8 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -302,6 +302,19 @@ jobs: -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" + + - name: Compress Allocator VM directory + id: compress_allocator_files + if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == false + run: | + zip -P "${{ secrets.ZIP_ARTIFACTS_PASSWORD }}" -r $ALLOCATOR_PATH.zip $ALLOCATOR_PATH + + - name: Upload Allocator VM directory as artifact + if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false + uses: actions/upload-artifact@v4 + with: + name: allocator-instance-${{ matrix.system }} + path: ${{ env.ALLOCATOR_PATH }}.zip - name: Delete allocated VMs if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true From 1d46ba6ad9934becef42936ccb41634792689aab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 16 Sep 2024 14:44:41 +0200 Subject: [PATCH 063/126] Removed logs save logic --- .github/workflows/ansible-playbooks/aio.yml | 45 +++---------------- .../workflows/ansible-playbooks/aio_tests.yml | 41 +++-------------- 2 files changed, 11 insertions(+), 75 deletions(-) diff --git a/.github/workflows/ansible-playbooks/aio.yml b/.github/workflows/ansible-playbooks/aio.yml index cbf9e90..1ab2b12 100644 --- a/.github/workflows/ansible-playbooks/aio.yml +++ b/.github/workflows/ansible-playbooks/aio.yml @@ -5,45 +5,12 @@ vars: script_path: "{{ tmp_path }}" script_name: "wazuh-install.sh" - script_builder: "builder.sh" - test_name: "{{ test_name }}" - test_dir: "/{{ test_name }}" - logs_path: "{{ logs_path }}" tasks: - - - name: Create log directory - file: - path: "{{ test_dir }}" - state: directory - - - name: Create log file - file: - dest: "{{ test_dir }}/{{ test_name }}.log" - state: touch - - name: Test assistant AIO install - block: - - name: Perform AIO installation - command: "bash {{ script_name }} -a -v" - args: - chdir: "{{ script_path }}" - register: install_results - async: 500 - poll: 5 - - always: - - name: Save output - blockinfile: - marker: "" - path: "{{ test_dir }}/{{ test_name }}.log" - block: | - {{ install_results.stderr }} - -------------------------------- - {{ install_results.stdout }} - - - name: Fetch log - fetch: - src: "{{ test_dir }}/{{ test_name }}.log" - dest: "{{ logs_path }}/" - flat: yes + command: "bash {{ script_name }} -a -v" + args: + chdir: "{{ script_path }}" + register: install_results + async: 500 + poll: 5 diff --git a/.github/workflows/ansible-playbooks/aio_tests.yml b/.github/workflows/ansible-playbooks/aio_tests.yml index 79b97e2..1f82888 100644 --- a/.github/workflows/ansible-playbooks/aio_tests.yml +++ b/.github/workflows/ansible-playbooks/aio_tests.yml @@ -4,42 +4,11 @@ vars: script_path: "{{ tmp_path }}/tests/install" - test_name: "{{ test_name }}" script_name: "{{ test_name }}.py" - test_dir: "/{{ test_name }}" - logs_path: "{{ logs_path }}" + tasks: - - - name: Create log directory - file: - path: "{{ test_dir }}" - state: directory - - - name: Create log file - file: - dest: "{{ test_dir }}/{{ test_name }}.log" - state: touch - - name: Test unattended AIO install - block: - - name: Launch AIO test - command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or wazuh_worker or indexer or dashboard\"" - args: - chdir: "{{ script_path }}" - register: test_results - - always: - - name: Save output - blockinfile: - marker: "" - path: "{{ test_dir }}/{{ test_name }}.log" - block: | - {{ test_results.stderr }} - -------------------------------- - {{ test_results.stdout }} - - - name: Fetch log - fetch: - src: "{{ test_dir }}/{{ test_name }}.log" - dest: "{{ logs_path }}/" - flat: yes + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or wazuh_worker or indexer or dashboard\"" + args: + chdir: "{{ script_path }}" + register: test_results From 841f56881aec749b118ae1c9441b62e301e50c80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 16 Sep 2024 16:28:23 +0200 Subject: [PATCH 064/126] Removed logs save logic --- ...est_installation_assistant_distributed.yml | 22 +-- .../distributed_generate_certificates.yml | 28 ---- .../distributed_install_dashboard.yml | 40 +----- .../distributed_install_indexer.yml | 37 +---- .../distributed_install_wazuh.yml | 41 +----- .../distributed_start_indexer_cluster.yml | 40 +----- .../ansible-playbooks/distributed_tests.yml | 131 +++++------------- 7 files changed, 46 insertions(+), 293 deletions(-) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 3487df8..6e0c23c 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -56,9 +56,8 @@ env: TMP_PATH: "/tmp/test" ANSIBLE_CALLBACK: "yaml" RESOURCES_PATH: "${{ github.workspace }}" - LOGS_PATH: "${{ github.workspace }}/assistant_logs" PKG_REPOSITORY: "${{ inputs.REPOSITORY }}" - TEST_NAME: "test_assistant_distributed" + TEST_NAME: "test_installation_assistant" REPOSITORY_URL: "${{ github.server_url }}/${{ github.repository }}.git" ALLOCATOR_PATH: "/tmp/allocator_instance" INSTANCE_NAMES: "instance_1 instance_2 instance_3" @@ -227,18 +226,14 @@ jobs: - name: Execute certificates generation playbook run: | - TEST_NAME="${{ env.TEST_NAME }}_certificates" ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \ -i $ALLOCATOR_PATH/inventory \ -e "resources_path=$RESOURCES_PATH" \ - -e "logs_path=$LOGS_PATH" \ - -e "test_name=$TEST_NAME" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - name: Copy certificates to nodes run: | - TEST_NAME="${{ env.TEST_NAME }}_copy_certificates" ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_copy_certificates.yml \ -i $ALLOCATOR_PATH/inventory \ -l indexers \ @@ -248,58 +243,43 @@ jobs: - name: Execute indexer installation playbook run: | - TEST_NAME="${{ env.TEST_NAME }}_indexer" ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_indexer.yml \ -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "tmp_path=$TMP_PATH" \ - -e "logs_path=$LOGS_PATH" \ - -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - name: Execute indexer cluster start playbook run: | - TEST_NAME="${{ env.TEST_NAME }}_start_cluster" INDEXER_ADMIN_PASSWORD="admin" ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml \ -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "tmp_path=$TMP_PATH" \ - -e "logs_path=$LOGS_PATH" \ - -e "test_name=$TEST_NAME" \ - -e "indexer_admin_password=$INDEXER_ADMIN_PASSWORD" \ "${{ inputs.VERBOSITY }}" - name: Execute server installation playbook run: | - TEST_NAME="${{ env.TEST_NAME }}_server" ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_wazuh.yml \ -i $ALLOCATOR_PATH/inventory \ -l managers \ -e "tmp_path=$TMP_PATH" \ - -e "logs_path=$LOGS_PATH" \ - -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - name: Execute dashboard installation playbook run: | - TEST_NAME="${{ env.TEST_NAME }}_dashboard" ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_dashboard.yml \ -i $ALLOCATOR_PATH/inventory \ -l dashboards \ -e "tmp_path=$TMP_PATH" \ - -e "logs_path=$LOGS_PATH" \ - -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - name: Execute Python test playbook run: | - TEST_NAME="test_installation_assistant" ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_tests.yml \ -i $ALLOCATOR_PATH/inventory \ -l managers \ -e "tmp_path=$TMP_PATH" \ - -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" diff --git a/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml b/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml index 8d00600..0bfeb88 100644 --- a/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml +++ b/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml @@ -3,23 +3,10 @@ become: true vars: - test_name: "{{ test_name }}" - test_dir: "/{{ test_name }}" - logs_path: "{{ log_folder }}" resources_path: "{{ resources_path }}" pkg_repository: "{{ pkg_repository }}" tasks: - - name: Create log directory - file: - path: "{{ test_dir }}" - state: directory - - - name: Create log file - file: - dest: "{{ test_dir }}/{{ test_name }}.log" - state: touch - - name: Create certificates block: - name: Rendering wazuh-config file @@ -39,18 +26,3 @@ - name: Give read permissions to wazuh-install-files.tar shell: "chmod +r {{ resources_path }}/wazuh-install-files.tar" - always: - - name: Save output certificate build and creation - blockinfile: - marker: "" - path: "{{ test_dir }}/{{ test_name }}.log" - block: | - {{ certificates_install.stderr }} - -------------------------------- - {{ certificates_install.stdout }} - - - name: Fetch log - fetch: - src: "{{ test_dir }}/{{ test_name }}.log" - dest: "{{ logs_path }}/" - flat: yes diff --git a/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml b/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml index 691e17a..539bad4 100644 --- a/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml +++ b/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml @@ -4,43 +4,11 @@ become: true vars: - test_name: "{{ test_name }}" - test_dir: "/{{ test_name }}" tmp_path: "{{ tmp_path }}" - logs_path: "{{ logs_path }}" tasks: - - name: Create log directory - file: - path: "{{ test_dir }}" - state: directory - - - name: Create log file - file: - dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - state: touch - - name: Install Wazuh dashboard - block: - - - name: Install Wazuh dashboard - command: "bash wazuh-install.sh -wd {{ inventory_hostname }} -v" - args: - chdir: "{{ tmp_path }}" - register: dashboard - - always: - - - name: Save output Wazuh dashboard - blockinfile: - marker: "" - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - block: | - {{ dashboard.stderr }} - -------------------------------- - {{ dashboard.stdout }} - - name: Fetch log - fetch: - src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - dest: "{{ logs_path }}/" - flat: yes \ No newline at end of file + command: "bash wazuh-install.sh -wd {{ inventory_hostname }} -v" + args: + chdir: "{{ tmp_path }}" + register: dashboard diff --git a/.github/workflows/ansible-playbooks/distributed_install_indexer.yml b/.github/workflows/ansible-playbooks/distributed_install_indexer.yml index 7f41bd7..57d385e 100644 --- a/.github/workflows/ansible-playbooks/distributed_install_indexer.yml +++ b/.github/workflows/ansible-playbooks/distributed_install_indexer.yml @@ -4,41 +4,10 @@ become: true vars: - test_name: "{{ test_name }}" - test_dir: "/{{ test_name }}" - logs_path: "{{ logs_path }}" + tmp_path: "{{ tmp_path }}" tasks: - - - name: Create log directory - file: - path: "{{ test_dir }}" - state: directory - - - name: Create log file - file: - dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - state: touch - - name: Install Wazuh indexer - block: - - name: Install Wazuh indexer - command: "bash {{ tmp_path }}/wazuh-install.sh -wi {{ inventory_hostname }} -v" - register: indexer - - always: - - - name: Save output Wazuh indexer - blockinfile: - marker: "" - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - block: | - {{ indexer.stderr }} - -------------------------------- - {{ indexer.stdout }} + command: "bash {{ tmp_path }}/wazuh-install.sh -wi {{ inventory_hostname }} -v" + register: indexer - - name: Fetch log - fetch: - src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - dest: "{{ logs_path }}/" - flat: yes diff --git a/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml b/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml index 26a5fae..a128a19 100644 --- a/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml +++ b/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml @@ -4,40 +4,14 @@ become: true vars: - test_name: "{{ test_name }}" tmp_path: "{{ tmp_path }}" - test_dir: "/{{ test_name }}" - logs_path: "{{ logs_path }}" master_ip: "{{ hostvars[groups['managers'] | select('match', 'master') | first]['private_ip'] }}" check_port: 55000 - retries: 10 - delay: 30 tasks: - - name: Create log directory - file: - path: "{{ test_dir }}" - state: directory - - - name: Create log file - file: - dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - state: touch - - name: Install Wazuh server on master - block: - - name: Install Wazuh server (Master) - command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v" - register: wazuh - - - name: Save Wazuh installation log (Master) - blockinfile: - marker: "" - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - block: | - {{ wazuh.stderr }} - -------------------------------- - {{ wazuh.stdout }} + command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v" + register: wazuh when: hostvars[inventory_hostname].manager_type == 'master' - name: Install Wazuh server on worker nodes @@ -46,7 +20,7 @@ wait_for: host: "{{ master_ip }}" port: "{{ check_port }}" - delay: "{{ delay }}" + delay: 30 timeout: 300 when: hostvars[inventory_hostname].manager_type == 'worker' async: 500 @@ -55,15 +29,6 @@ - name: Install Wazuh server (Workers) command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v" register: wazuh - - - name: Save Wazuh installation log (Workers) - blockinfile: - marker: "" - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - block: | - {{ wazuh.stderr }} - -------------------------------- - {{ wazuh.stdout }} when: hostvars[inventory_hostname].manager_type == 'worker' diff --git a/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml b/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml index 4c94f8a..37d8cbb 100644 --- a/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml +++ b/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml @@ -4,45 +4,13 @@ become: true vars: - test_name: "{{ test_name }}" - test_dir: "/{{ test_name }}" tmp_path: "{{ tmp_path }}" - logs_path: "{{ logs_path }}" tasks: - name: Start Wazuh indexer cluster in just one node - block: - - name: Create log directory - file: - path: "{{ test_dir }}" - state: directory - - - name: Create log file - file: - dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - state: touch - - - name: Start cluster - block: - - name: Start Wazuh indexer cluster - command: "bash {{ tmp_path }}/wazuh-install.sh -s -v" - register: cluster - - always: - - - name: Save output start cluster - blockinfile: - marker: "" - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - block: | - {{ cluster.stderr }} - -------------------------------- - {{ cluster.stdout }} - - - name: Fetch log - fetch: - src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - dest: "{{ logs_path }}/" - flat: yes + block: + - name: Start Wazuh indexer cluster + command: "bash {{ tmp_path }}/wazuh-install.sh -s -v" + register: cluster when: inventory_hostname == ansible_play_hosts[0] diff --git a/.github/workflows/ansible-playbooks/distributed_tests.yml b/.github/workflows/ansible-playbooks/distributed_tests.yml index b3fbf54..2d4cfbf 100644 --- a/.github/workflows/ansible-playbooks/distributed_tests.yml +++ b/.github/workflows/ansible-playbooks/distributed_tests.yml @@ -5,106 +5,37 @@ vars: script_path: "{{ tmp_path }}/tests/install" - test_name: "{{ test_name }}" script_name: "{{ test_name }}.py" - test_dir: "/{{ test_name }}" - logs_path: "{{ logs_path }}" tasks: - - - name: Create log directory - file: - path: "{{ test_dir }}" - state: directory - - - name: Create log file - file: - dest: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - state: touch - - - name: Test distributed master - block: - - - name: Execute tests Master - command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh_cluster\"" - args: - chdir: "{{ script_path }}" - register: test_results_master - when: - - hostvars[inventory_hostname].manager_type == 'master' - - - name: Execute tests Workers - command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh_worker\"" - args: - chdir: "{{ script_path }}" - register: test_results_worker - when: - - hostvars[inventory_hostname].manager_type == 'worker' - - - name: Execute tests indexer_manager - command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or indexer or indexer_cluster\"" - args: - chdir: "{{ script_path }}" - register: test_results_indexer_manager - when: - - hostvars[inventory_hostname].instance_type == 'indexer_manager' - - - name: Execute tests indexer_manager_dashboard - command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or indexer or indexer_cluster or dashboard\"" - args: - chdir: "{{ script_path }}" - register: test_results_indexer_manager_dashboard - when: - - hostvars[inventory_hostname].instance_type == 'indexer_manager_dashboard' - - always: - - - name: Save output Master - blockinfile: - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - marker: "" - block: | - {{ test_results_master.stderr }} - -------------------------------- - {{ test_results_master.stdout }} - when: - - hostvars[inventory_hostname].manager_type == 'master' - - - name: Save output Worker - blockinfile: - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - marker: "" - block: | - {{ test_results_worker.stderr }} - -------------------------------- - {{ test_results_worker.stdout }} - when: - - hostvars[inventory_hostname].manager_type == 'worker' - - - name: Save output indexer_manager - blockinfile: - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - marker: "" - block: | - {{ test_results_indexer_manager.stderr }} - -------------------------------- - {{ test_results_indexer_manager.stdout }} - when: - - hostvars[inventory_hostname].instance_type == 'indexer_manager' - - - name: Save output indexer_manager_dashboard - blockinfile: - path: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - marker: "" - block: | - {{ test_results_indexer_manager_dashboard.stderr }} - -------------------------------- - {{ test_results_indexer_manager_dashboard.stdout }} - when: - - hostvars[inventory_hostname].instance_type == 'indexer_manager_dashboard' - - - name: Fetch logs - fetch: - src: "{{ test_dir }}/{{ test_name }}_{{ inventory_hostname }}.log" - dest: "{{ logs_path }}/" - flat: yes \ No newline at end of file + - name: Execute tests Master + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh_cluster\"" + args: + chdir: "{{ script_path }}" + register: test_results_master + when: + - hostvars[inventory_hostname].manager_type == 'master' + + - name: Execute tests Workers + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh_worker\"" + args: + chdir: "{{ script_path }}" + register: test_results_worker + when: + - hostvars[inventory_hostname].manager_type == 'worker' + + - name: Execute tests indexer_manager + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or indexer or indexer_cluster\"" + args: + chdir: "{{ script_path }}" + register: test_results_indexer_manager + when: + - hostvars[inventory_hostname].instance_type == 'indexer_manager' + + - name: Execute tests indexer_manager_dashboard + command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or indexer or indexer_cluster or dashboard\"" + args: + chdir: "{{ script_path }}" + register: test_results_indexer_manager_dashboard + when: + - hostvars[inventory_hostname].instance_type == 'indexer_manager_dashboard' From 4864a73814f9f9d2c623d75c0f3ed20297419a6d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 16 Sep 2024 17:12:49 +0200 Subject: [PATCH 065/126] Changed repository reference to the workflow branch --- .../workflows/Test_installation_assistant_distributed.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 6e0c23c..c7b62b0 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -24,14 +24,10 @@ on: description: 'Branch or tag of the wazuh-automation repository' required: true default: '4.10.0' - ASSISTANT_REFERENCE: - description: 'Branch or tag of the wazuh-installation-assistant repository' - required: true - default: '4.10.0' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true - default: '["CentOS_8", "AmazonLinux_2","Ubuntu_22", "RHEL8"]' + default: '["Ubuntu_22"]' type: string VERBOSITY: description: 'Verbosity level on playbooks execution' @@ -216,7 +212,7 @@ jobs: -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "repository=$REPOSITORY_URL" \ - -e "reference=${{ inputs.ASSISTANT_REFERENCE }}" \ + -e "reference=${{ github.ref_name }}" \ -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ -e "install_deps=$INSTALL_DEPS" \ From f21e89a57913f78f28eeafeaa23f8cf0f8c6404c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 16 Sep 2024 17:13:09 +0200 Subject: [PATCH 066/126] Added README for workflows --- .github/workflows/README.md | 60 +++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 .github/workflows/README.md diff --git a/.github/workflows/README.md b/.github/workflows/README.md new file mode 100644 index 0000000..9381003 --- /dev/null +++ b/.github/workflows/README.md @@ -0,0 +1,60 @@ +# Installation assistant workflows + +This repository includes several GitHub Actions workflows. These workflows are designed to automate the testing process for the installation of the Wazuh Installation Assistant in various environments and to build the different tools and scripts. + +## Workflows Overview + +1. `Test_installation_assistant`. +This workflow tests the installation of the Wazuh Installation Assistant in a single-node setup. It triggers on pull requests that modify specific directories or files, and can also be manually dispatched. + +2. `Test_installation_assistant_distributed`. +This workflow is an extension of the Test_installation_assistant workflow, intended for distributed environments. It provisions three instances and simulates a distributed Wazuh deployment across multiple nodes (indexers, managers, and dashboards). + +## Triggering the Workflows +### Automatic Trigger +The workflows tests are triggered automatically when a pull request (PR) is created or updated, affecting the following paths: + +- `cert_tool/` +- `common_functions/` +- `config/` +- `install_functions/` +- `passwords_tool/` +- `tests/` + +### Manual Trigger +The test workflows can be triggered manually via the GitHub interface under the "Actions" tab, using the workflow_dispatch event. When triggered manually, several input parameters are required: + +- **REPOSITORY**: Defines the repository environment (e.g., staging, pre-release). +- **AUTOMATION_REFERENCE**: The branch or tag of the `wazuh-automation` repository, used to clone the Allocation module. +- **SYSTEMS**: A comma-separated list of operating systems to be tested, enclosed in square brackets (e.g., `["CentOS_8", "AmazonLinux_2", "Ubuntu_22", "RHEL8"]`). The available options are: `CentOS_7`, `CentOS_8`, `AmazonLinux_2`, `Ubuntu_16`, `Ubuntu_18`, `Ubuntu_20`, `Ubuntu_22`, `RHEL7`, `RHEL8`. +- **VERBOSITY**: The verbosity level for Ansible playbook execution, with options `-v`, `-vv`, `-vvv`, and `-vvvv`. +- **DESTROY**: Boolean value (true or false) indicating whether to destroy the instances after testing. + +## Workflow Structure +### Jobs + +The tests workflows follow a similar structure with the following key jobs: + +1. **Checkout Code**: The workflow fetches the latest code from the wazuh-automation and wazuh-installation-assistant repositories. + +2. **Set Up Environment**: The operating system is configured based on the selected OS in the SYSTEMS input. The corresponding OS name is stored in the environment variable COMPOSITE_NAME. + +3. **Install Ansible**: Ansible is installed for managing the provisioning of instances and running the necessary playbooks. + +4. **Provisioning Instances**: The distributed workflow allocates AWS instances using the wazuh-automation repository’s allocation module. It provisions indexers, managers, and dashboards across the instances. The instance inventory is dynamically created and used for later playbook executions. + +5. **Ansible Playbooks Execution**: Provision playbooks are executed to prepare the environments for Wazuh components. + +6. **Test Execution**: A Python-based testing framework is executed to verify the successful installation and functionality of the Wazuh components on the allocated instances. + +7. **Destroy Instances (Optional)**: If the `DESTROY` parameter is set to true, the allocated AWS instances are terminated after the tests. If set to false, the instances and their details are saved as artifacts for later analysis. + +### Artifacts +If instances are not destroyed, the workflow compresses the allocated instances' directory and uploads it as an artifact. Also, the artifacts are compressed with a password. Ask @devel-devops teams for this password. An artifact is uploaded per OS selected. +## Notes +- Instance allocation: The `Test_installation_assistant_distributed` workflow provisions three instances by default. The roles are distributed as follows: + - `indexer1`, `indexer2`, `indexer3`: Indexers in the Wazuh cluster. + - `master`, `worker1`, `worker2`: Wazuh managers, where `master` is the main manager, and `worker1` and `worker2` are worker nodes. + - `dashboard`: Wazuh dashboard. + +- Customization: These workflows allow for customization through the various input parameters, making it easy to test different operating systems, verbosity levels, or different versions of the repositories. \ No newline at end of file From 8c43c116ee8f7b4bac2452326a151349e0f3d27f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 16 Sep 2024 17:23:47 +0200 Subject: [PATCH 067/126] Changed repository reference to the workflow branch --- .github/workflows/Test_installation_assistant.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 7a4d24c..e574e0f 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -24,10 +24,6 @@ on: description: 'Branch or tag of the wazuh-automation repository' required: true default: '4.10.0' - ASSISTANT_REFERENCE: - description: 'Branch or tag of the wazuh-installation-assistant repository' - required: true - default: '4.10.0' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true @@ -162,7 +158,7 @@ jobs: -i $ALLOCATOR_PATH/inventory \ -l all \ -e "repository=$REPOSITORY_URL" \ - -e "reference=${{ inputs.ASSISTANT_REFERENCE }}" \ + -e "reference=${{ github.ref_name }}" \ -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ -e "install_deps=$INSTALL_DEPS" \ From e6bda9c6da927fd7e15c120c47c342b7c6cad85a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 16 Sep 2024 17:26:49 +0200 Subject: [PATCH 068/126] Changed default OSs --- .github/workflows/Test_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index e574e0f..23c9041 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -27,7 +27,7 @@ on: SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true - default: '["CentOS_7", "CentOS_8", "AmazonLinux_2", "Ubuntu_16", "Ubuntu_18", "Ubuntu_20", "Ubuntu_22", "RHEL7", "RHEL8"]' + default: '["CentOS_8", "AmazonLinux_2", "Ubuntu_22", "RHEL8"]' type: string VERBOSITY: description: 'Verbosity level on playbooks execution' From 996e6c9dccdcc1548274fa77ef7f77b40933a627 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 13 Sep 2024 16:27:32 +0200 Subject: [PATCH 069/126] Update SECURITY.md file --- SECURITY.md | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 100f730..4c99eec 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -11,19 +11,15 @@ This policy applies to all open source projects developed, maintained, or hosted ## Reporting Security Vulnerabilities If you believe you've discovered a potential security vulnerability in one of our open source projects, we strongly encourage you to report it to us responsibly. -Please submit your findings as [security advisories](https://github.com/wazuh/wazuh-installation-assistant/security/advisories) under the "Security" tab in the relevant GitHub repository. Alternatively, you may send the details of your findings to security@wazuh.com. +Please submit your findings as security advisories under the "Security" tab in the relevant GitHub repository. Alternatively, you may send the details of your findings to [security@wazuh.com](mailto:security@wazuh.com). ## Vulnerability Disclosure Policy Upon receiving a report of a potential vulnerability, our team will initiate an investigation. If the reported issue is confirmed as a vulnerability, we will take the following steps: 1. Acknowledgment: We will acknowledge the receipt of your vulnerability report and begin our investigation. - 2. Validation: We will validate the issue and work on reproducing it in our environment. - 3. Remediation: We will work on a fix and thoroughly test it - 4. Release & Disclosure: After 90 days from the discovery of the vulnerability, or as soon as a fix is ready and thoroughly tested (whichever comes first), we will release a security update for the affected project. We will also publicly disclose the vulnerability by publishing a CVE (Common Vulnerabilities and Exposures) and acknowledging the discovering party. - 5. Exceptions: In order to preserve the security of the Wazuh community at large, we might extend the disclosure period to allow users to patch their deployments. This 90-day period allows for end-users to update their systems and minimizes the risk of widespread exploitation of the vulnerability. @@ -46,4 +42,4 @@ We ask that all users and contributors respect this policy and the security of o ## Changes to this Security Policy This policy may be revised from time to time. Each version of the policy will be identified at the top of the page by its effective date. -If you have any questions about this Security Policy, please contact us at security@wazuh.com +If you have any questions about this Security Policy, please contact us at [security@wazuh.com](mailto:security@wazuh.com) \ No newline at end of file From cccd73503b7fb42f1a66a8d771f27a2b2544923e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 17 Sep 2024 10:02:15 +0200 Subject: [PATCH 070/126] Updated CHANGELOG for #60 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 85e2091..7063012 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file. ### Changed - Added post-install validations for the Wazuh manager and Filebeat. ([#3059](https://github.com/wazuh/wazuh-packages/pull/3059)) +- Installation assistant distributed test rework and migration. ([#60](https://github.com/wazuh/wazuh-installation-assistant/pull/60)) ### Fixed From daaf1fc1278a6cf4684aaf68e393e3e830ffe9c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 17 Sep 2024 10:03:18 +0200 Subject: [PATCH 071/126] Updated CHANGELOG for #46 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 85e2091..143ce0c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file. ### Changed - Added post-install validations for the Wazuh manager and Filebeat. ([#3059](https://github.com/wazuh/wazuh-packages/pull/3059)) +- Installation assistant test and tier workflow migration ([#46](https://github.com/wazuh/wazuh-installation-assistant/pull/46/)) ### Fixed From 010fc2da25b6ec591cf4fd5ca28cc526ed9048a4 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Tue, 17 Sep 2024 10:10:50 +0200 Subject: [PATCH 072/126] Update CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e9edcd2..29bbe89 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file. ### Changed - Added post-install validations for the Wazuh manager and Filebeat. ([#3059](https://github.com/wazuh/wazuh-packages/pull/3059)) +- Update SECURITY.md file. ([#59](https://github.com/wazuh/wazuh-installation-assistant/pull/59)) ### Fixed From 2b0dacd079644f8c1cb4e3c8ee42c96fb95210d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 17 Sep 2024 14:19:11 +0200 Subject: [PATCH 073/126] Changing systems when PR is created --- .github/workflows/Test_installation_assistant_distributed.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index c7b62b0..9170169 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -27,7 +27,7 @@ on: SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true - default: '["Ubuntu_22"]' + default: '["CentOS_8", "AmazonLinux_2","Ubuntu_22", "RHEL8"]' type: string VERBOSITY: description: 'Verbosity level on playbooks execution' @@ -68,7 +68,7 @@ jobs: strategy: fail-fast: false # If a job fails, the rest of jobs will not be canceled matrix: - system: ${{ fromJson(inputs.SYSTEMS) }} + system: ${{ github.event_name == 'pull_request' && '["Ubuntu_22"]' || fromJson(inputs.SYSTEMS) }} # If the worklflow is executed by a PR, set the OSs steps: - name: Checkout code From faa1d25277c1c780a4e2475da55759ce008dac44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 17 Sep 2024 14:20:35 +0200 Subject: [PATCH 074/126] Changed references of unattended --- .github/workflows/ansible-playbooks/aio_tests.yml | 2 +- .github/workflows/ansible-playbooks/provision.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ansible-playbooks/aio_tests.yml b/.github/workflows/ansible-playbooks/aio_tests.yml index 1f82888..4ef8953 100644 --- a/.github/workflows/ansible-playbooks/aio_tests.yml +++ b/.github/workflows/ansible-playbooks/aio_tests.yml @@ -7,7 +7,7 @@ script_name: "{{ test_name }}.py" tasks: - - name: Test unattended AIO install + - name: Test AIO install with Installation assistant command: "python3 -m pytest --tb=long {{ script_name }} -v -m \"wazuh or wazuh_worker or indexer or dashboard\"" args: chdir: "{{ script_path }}" diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index e87182a..63ef0da 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -169,7 +169,7 @@ depth: 1 force: true - - name: Generate unattended + - name: Generate Installation assistant command: "bash {{ tmp_path }}/builder.sh -i -d" - name: Change pre-release repository to selected one From c5a7b5006bd948c2a9a9fceae191b6b247521ce7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 18 Sep 2024 09:30:05 +0200 Subject: [PATCH 075/126] Changed order in CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9ae8641..9b2a39f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,8 +5,8 @@ All notable changes to this project will be documented in this file. ### Changed -- Added post-install validations for the Wazuh manager and Filebeat. ([#3059](https://github.com/wazuh/wazuh-packages/pull/3059)) - Installation assistant test and tier workflow migration ([#46](https://github.com/wazuh/wazuh-installation-assistant/pull/46/)) +- Added post-install validations for the Wazuh manager and Filebeat. ([#3059](https://github.com/wazuh/wazuh-packages/pull/3059)) - Update SECURITY.md file. ([#59](https://github.com/wazuh/wazuh-installation-assistant/pull/59)) ### Fixed From 08bf5ab96198a5ae289b480202b3e175a98aac9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 19 Sep 2024 13:25:23 +0200 Subject: [PATCH 076/126] Migrated repository selection to assistant script --- builder.sh | 38 --------------------------- install_functions/installMain.sh | 23 ++++++++++++++++ install_functions/installVariables.sh | 9 ++++++- 3 files changed, 31 insertions(+), 39 deletions(-) diff --git a/builder.sh b/builder.sh index c07aec0..67b3010 100755 --- a/builder.sh +++ b/builder.sh @@ -65,28 +65,6 @@ function buildInstaller() { # Foundation." >> "${output_script_path}" echo >> "${output_script_path}" - ## Installation variables - if [ -n "${development}" ]; then - echo 'readonly development=1' >> "${output_script_path}" - echo 'readonly repogpg="https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH"' >> "${output_script_path}" - echo 'readonly repobaseurl="https://packages-dev.wazuh.com/'${devrepo}'"' >> "${output_script_path}" - echo 'readonly reporelease="unstable"' >> "${output_script_path}" - echo 'readonly filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz"' >> "${output_script_path}" - echo 'readonly bucket="packages-dev.wazuh.com"' >> "${output_script_path}" - echo 'readonly repository="'"${devrepo}"'"' >> "${output_script_path}" - if [[ ! $(grep -E "source_branch=" "${resources_installer}/installVariables.sh" | sed -E 's/.*source_branch="([^"]+)"/\1/') =~ "-" ]]; then - sed -i 's|v${wazuh_version}|${wazuh_version}|g' "${resources_installer}/installVariables.sh" - pre_release_tag=1 - fi - else - echo 'readonly repogpg="https://packages.wazuh.com/key/GPG-KEY-WAZUH"' >> "${output_script_path}" - echo 'readonly repobaseurl="https://packages.wazuh.com/4.x"' >> "${output_script_path}" - echo 'readonly reporelease="stable"' >> "${output_script_path}" - echo 'readonly filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz"' >> "${output_script_path}" - echo 'readonly bucket="packages.wazuh.com"' >> "${output_script_path}" - echo 'readonly repository="4.x"' >> "${output_script_path}" - fi - echo >> "${output_script_path}" checkFilebeatURL grep -Ev '^#|^\s*$' ${resources_common}/commonVariables.sh >> "${output_script_path}" grep -Ev '^#|^\s*$' ${resources_installer}/installVariables.sh >> "${output_script_path}" @@ -235,19 +213,6 @@ function builder_main() { certTool=1 shift 1 ;; - "-d"|"--development") - development=1 - if [ -n "${2}" ] && [ "${2}" = "staging" ]; then - devrepo="staging" - shift 2 - elif [ -n "${2}" ] && [ "${2}" = "pre-release" ]; then - devrepo="pre-release" - shift 2 - else - devrepo="pre-release" - shift 1 - fi - ;; "-p"|"--password-tool") passwordsTool=1 shift 1 @@ -267,9 +232,6 @@ function builder_main() { if [ -n "${change_filebeat_url}" ]; then sed -i -E "s|(https.+)master(.+wazuh-template.json)|\1\\$\\{source_branch\\}\2|" "${resources_installer}/installVariables.sh" fi - if [[ -n "${development}" && -n "${pre_release_tag}" ]]; then - sed -i 's|${wazuh_version}|v${wazuh_version}|g' "${resources_installer}/installVariables.sh" - fi fi if [ -n "${passwordsTool}" ]; then diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh index c10dff0..1663256 100755 --- a/install_functions/installMain.sh +++ b/install_functions/installMain.sh @@ -22,6 +22,9 @@ function getHelp() { echo -e " -c, --config-file " echo -e " Path to the configuration file used to generate wazuh-install-files.tar file containing the files that will be needed for installation. By default, the Wazuh installation assistant will search for a file named config.yml in the same path as the script." echo -e "" + echo -e " -d [pre-release|staging], --development" + echo -e " Use development repositories. By default it uses the pre-release package repository. If staging is specified, it will use that repository." + echo -e "" echo -e " -dw, --download-wazuh " echo -e " Download all the packages necessary for offline installation. Type of packages to download for offline installation (rpm, deb)" echo -e "" @@ -98,6 +101,26 @@ function main() { config_file="${2}" shift 2 ;; + "-d"|"--development") + development=1 + devrepo="pre-release" + if [ -n "${2}" ] && [ "${2}" = "staging" ]; then + devrepo="staging" + shift 2 + fi + repogpg="https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH" + repobaseurl="https://packages-dev.wazuh.com/'${devrepo}'" + reporelease="unstable" + filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz" + bucket="packages-dev.wazuh.com" + repository="'"${devrepo}"'" + + if [[ ! "${source_branch}" =~ "-" ]]; then + source_branch="${source_branch#v}" + fi + + ;; + "-fd"|"--force-install-dashboard") force=1 shift 1 diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 19626c1..2427ca4 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -11,7 +11,14 @@ readonly wazuh_major="4.10" readonly wazuh_version="4.10.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" -readonly source_branch="v${wazuh_version}" +source_branch="v${wazuh_version}" + +repogpg="https://packages.wazuh.com/key/GPG-KEY-WAZUH" +repobaseurl="https://packages.wazuh.com/4.x" +reporelease="stable" +filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz" +bucket="packages.wazuh.com" +repository="4.x" ## Links and paths to resources readonly resources="https://${bucket}/${wazuh_major}" From aa24083930ea54251ba2e20e78c88bbec7227068 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 19 Sep 2024 16:15:21 +0200 Subject: [PATCH 077/126] Improved repository selection --- builder.sh | 33 -------------------------------- install_functions/checks.sh | 33 ++++++++++++++++++++++++++++++++ install_functions/installMain.sh | 27 ++++++++++++++++---------- 3 files changed, 50 insertions(+), 43 deletions(-) diff --git a/builder.sh b/builder.sh index 67b3010..6b551bd 100755 --- a/builder.sh +++ b/builder.sh @@ -34,9 +34,6 @@ function getHelp() { echo -e " -c, --cert-tool" echo -e " Builds the certificate creation tool wazuh-cert-tool.sh" echo -e "" - echo -e " -d [pre-release|staging], --development" - echo -e " Use development repositories. By default it uses the pre-release package repository. If staging is specified, it will use that repository." - echo -e "" echo -e " -p, --password-tool" echo -e " Builds the password creation and modification tool wazuh-password-tool.sh" echo -e "" @@ -65,7 +62,6 @@ function buildInstaller() { # Foundation." >> "${output_script_path}" echo >> "${output_script_path}" - checkFilebeatURL grep -Ev '^#|^\s*$' ${resources_common}/commonVariables.sh >> "${output_script_path}" grep -Ev '^#|^\s*$' ${resources_installer}/installVariables.sh >> "${output_script_path}" echo >> "${output_script_path}" @@ -229,9 +225,6 @@ function builder_main() { if [ -n "${installer}" ]; then buildInstaller chmod 500 ${output_script_path} - if [ -n "${change_filebeat_url}" ]; then - sed -i -E "s|(https.+)master(.+wazuh-template.json)|\1\\$\\{source_branch\\}\2|" "${resources_installer}/installVariables.sh" - fi fi if [ -n "${passwordsTool}" ]; then @@ -267,30 +260,4 @@ function checkDistDetectURL() { } -function checkFilebeatURL() { - - # Import variables - eval "$(grep -E "wazuh_version=" "${resources_installer}/installVariables.sh")" - eval "$(grep -E "source_branch=" "${resources_installer}/installVariables.sh" | sed 's/source_branch=/install_variables_source_branch=/')" - eval "$(grep -E "filebeat_wazuh_template=" "${resources_installer}/installVariables.sh" | sed "s/\${source_branch}/$install_variables_source_branch/")" - - new_filebeat_url="https://raw.githubusercontent.com/wazuh/wazuh/master/extensions/elasticsearch/7.x/wazuh-template.json" - - # Get the response of the URL and check it - response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $filebeat_wazuh_template) - if [ "${response}" != "200" ]; then - response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $new_filebeat_url) - - # Display error if both URLs do not get the resource - if [ "${response}" != "200" ]; then - echo -e "Error: Could not get the Filebeat Wazuh template. " - # If matches, replace the variable of installVariables to the new one - else - echo -e "Changing Filebeat URL..." - sed -i -E "s|filebeat_wazuh_template=.*|filebeat_wazuh_template=\"${new_filebeat_url}\"|g" "${resources_installer}/installVariables.sh" - change_filebeat_url=1 - fi - fi -} - builder_main "$@" diff --git a/install_functions/checks.sh b/install_functions/checks.sh index 0d42d2a..fb003a2 100644 --- a/install_functions/checks.sh +++ b/install_functions/checks.sh @@ -19,6 +19,15 @@ function checks_arch() { function checks_arguments() { + # -------------- Repository selection --------------------- + + if [ -n "${development}" ]; then + if [ -z "${AIO}" ] && [ -z "${dashboard}" ] && [ -z "${indexer}" ] && [ -z "${wazuh}" ] && [ -z "${start_indexer_cluster}" ] && [ -z "${download}" ]; then + common_logger -e "The -d|--development option must be used with -a, -ws, -s, -wi, -wd or -dw." + exit 1 + fi + fi + # -------------- Port option validation --------------------- if [ -n "${port_specified}" ]; then @@ -444,6 +453,30 @@ function checks_available_port() { fi } +function checks_filebeatURL() { + # URL uses branch when the source_branch is not a stage branch + if [[ ! "${source_branch}" =~ "-" ]]; then + source_branch="${source_branch#v}" + filebeat_wazuh_template="https://raw.githubusercontent.com/wazuh/wazuh/${source_branch}/extensions/elasticsearch/7.x/wazuh-template.json" + fi + + # URL using master branch + new_filebeat_url="${filebeat_wazuh_template/${source_branch}/master}" + + response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $filebeat_wazuh_template) + if [ "${response}" != "200" ]; then + response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $new_filebeat_url) + + # Display error if both URLs do not get the resource + if [ "${response}" != "200" ]; then + common_logger -e "Error: Could not get the Filebeat Wazuh template." + else + common_logger "Using Filebeat template from master branch." + filebeat_wazuh_template="${new_filebeat_url}" + fi + fi +} + function checks_firewall(){ ports_list=("$@") f_ports="" diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh index 1663256..95cbc12 100755 --- a/install_functions/installMain.sh +++ b/install_functions/installMain.sh @@ -103,22 +103,26 @@ function main() { ;; "-d"|"--development") development=1 - devrepo="pre-release" - if [ -n "${2}" ] && [ "${2}" = "staging" ]; then - devrepo="staging" + if [ -n "${2}" ] && [[ ! "${2}" =~ ^- ]]; then + if [ "${2}" = "pre-release" ] || [ "${2}" = "staging" ]; then + devrepo="${2}" + else + common_logger -e "Error: Invalid value '${2}' after -d|--development. Accepted values are 'pre-release' or 'staging'." + getHelp + exit 1 + fi shift 2 + else + devrepo="pre-release" + shift 1 fi repogpg="https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH" - repobaseurl="https://packages-dev.wazuh.com/'${devrepo}'" + repobaseurl="https://packages-dev.wazuh.com/${devrepo}" reporelease="unstable" filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz" bucket="packages-dev.wazuh.com" - repository="'"${devrepo}"'" - - if [[ ! "${source_branch}" =~ "-" ]]; then - source_branch="${source_branch#v}" - fi - + repository="${devrepo}" + shift 1 ;; "-fd"|"--force-install-dashboard") @@ -259,6 +263,9 @@ function main() { common_checkInstalled checks_arguments + if [ -n "${development}" ]; then + checks_filebeatURL + fi if [ -n "${uninstall}" ]; then installCommon_rollBack exit 0 From 6b1d9050faa2ae634c47608bf0178e394517e9d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 19 Sep 2024 16:15:45 +0200 Subject: [PATCH 078/126] Improved repository selection --- install_functions/installMain.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh index 95cbc12..ee75812 100755 --- a/install_functions/installMain.sh +++ b/install_functions/installMain.sh @@ -122,7 +122,6 @@ function main() { filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz" bucket="packages-dev.wazuh.com" repository="${devrepo}" - shift 1 ;; "-fd"|"--force-install-dashboard") From 09a5abe27ca58f1c5282edca8f33c04f2878e675 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 20 Sep 2024 14:57:20 +0200 Subject: [PATCH 079/126] Adapted GHAs with the repository selection migration --- .github/workflows/Test_installation_assistant.yml | 2 +- .../workflows/Test_installation_assistant_distributed.yml | 6 ++++-- .github/workflows/ansible-playbooks/aio.yml | 3 ++- .../ansible-playbooks/distributed_generate_certificates.yml | 3 +-- .../ansible-playbooks/distributed_install_dashboard.yml | 3 ++- .../ansible-playbooks/distributed_install_indexer.yml | 3 ++- .../ansible-playbooks/distributed_install_wazuh.yml | 5 +++-- .../ansible-playbooks/distributed_start_indexer_cluster.yml | 3 ++- .github/workflows/ansible-playbooks/provision.yml | 6 +----- .github/workflows/offline-installation.yml | 2 +- 10 files changed, 19 insertions(+), 17 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 23c9041..2c95bf5 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -160,7 +160,6 @@ jobs: -e "repository=$REPOSITORY_URL" \ -e "reference=${{ github.ref_name }}" \ -e "tmp_path=$TMP_PATH" \ - -e "pkg_repository=$PKG_REPOSITORY" \ -e "install_deps=$INSTALL_DEPS" \ -e "install_python=$INSTALL_PYTHON" \ -e "install_pip_deps=$INSTALL_PIP_DEPS" \ @@ -174,6 +173,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ + -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - name: Execute Python test playbook diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 9170169..f18a749 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -214,7 +214,6 @@ jobs: -e "repository=$REPOSITORY_URL" \ -e "reference=${{ github.ref_name }}" \ -e "tmp_path=$TMP_PATH" \ - -e "pkg_repository=$PKG_REPOSITORY" \ -e "install_deps=$INSTALL_DEPS" \ -e "install_python=$INSTALL_PYTHON" \ -e "install_pip_deps=$INSTALL_PIP_DEPS" \ @@ -225,7 +224,6 @@ jobs: ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \ -i $ALLOCATOR_PATH/inventory \ -e "resources_path=$RESOURCES_PATH" \ - -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - name: Copy certificates to nodes @@ -243,6 +241,7 @@ jobs: -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "tmp_path=$TMP_PATH" \ + -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - name: Execute indexer cluster start playbook @@ -252,6 +251,7 @@ jobs: -i $ALLOCATOR_PATH/inventory \ -l indexers \ -e "tmp_path=$TMP_PATH" \ + -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - name: Execute server installation playbook @@ -260,6 +260,7 @@ jobs: -i $ALLOCATOR_PATH/inventory \ -l managers \ -e "tmp_path=$TMP_PATH" \ + -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - name: Execute dashboard installation playbook @@ -268,6 +269,7 @@ jobs: -i $ALLOCATOR_PATH/inventory \ -l dashboards \ -e "tmp_path=$TMP_PATH" \ + -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - name: Execute Python test playbook diff --git a/.github/workflows/ansible-playbooks/aio.yml b/.github/workflows/ansible-playbooks/aio.yml index 1ab2b12..4acd184 100644 --- a/.github/workflows/ansible-playbooks/aio.yml +++ b/.github/workflows/ansible-playbooks/aio.yml @@ -4,11 +4,12 @@ vars: script_path: "{{ tmp_path }}" + pkg_repository: "{{ pkg_repository }}" script_name: "wazuh-install.sh" tasks: - name: Test assistant AIO install - command: "bash {{ script_name }} -a -v" + command: "bash {{ script_name }} -a -v -d {{ pkg_repository }}" args: chdir: "{{ script_path }}" register: install_results diff --git a/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml b/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml index 0bfeb88..6c97240 100644 --- a/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml +++ b/.github/workflows/ansible-playbooks/distributed_generate_certificates.yml @@ -4,7 +4,6 @@ vars: resources_path: "{{ resources_path }}" - pkg_repository: "{{ pkg_repository }}" tasks: - name: Create certificates @@ -17,7 +16,7 @@ force: yes - name: Creating wazuh-install.sh script - shell: "bash {{ resources_path }}/builder.sh -i -d {{ pkg_repository }}" + shell: "bash {{ resources_path }}/builder.sh -i" - name: Creating Certificates shell: "bash {{ resources_path }}/wazuh-install.sh -g -v" diff --git a/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml b/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml index 539bad4..fb04278 100644 --- a/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml +++ b/.github/workflows/ansible-playbooks/distributed_install_dashboard.yml @@ -5,10 +5,11 @@ vars: tmp_path: "{{ tmp_path }}" + pkg_repository: "{{ pkg_repository }}" tasks: - name: Install Wazuh dashboard - command: "bash wazuh-install.sh -wd {{ inventory_hostname }} -v" + command: "bash wazuh-install.sh -wd {{ inventory_hostname }} -v -d {{ pkg_repository }}" args: chdir: "{{ tmp_path }}" register: dashboard diff --git a/.github/workflows/ansible-playbooks/distributed_install_indexer.yml b/.github/workflows/ansible-playbooks/distributed_install_indexer.yml index 57d385e..c5736da 100644 --- a/.github/workflows/ansible-playbooks/distributed_install_indexer.yml +++ b/.github/workflows/ansible-playbooks/distributed_install_indexer.yml @@ -5,9 +5,10 @@ vars: tmp_path: "{{ tmp_path }}" + pkg_repository: "{{ pkg_repository }}" tasks: - name: Install Wazuh indexer - command: "bash {{ tmp_path }}/wazuh-install.sh -wi {{ inventory_hostname }} -v" + command: "bash {{ tmp_path }}/wazuh-install.sh -wi {{ inventory_hostname }} -v -d {{ pkg_repository }}" register: indexer diff --git a/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml b/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml index a128a19..ac5cfe1 100644 --- a/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml +++ b/.github/workflows/ansible-playbooks/distributed_install_wazuh.yml @@ -6,11 +6,12 @@ vars: tmp_path: "{{ tmp_path }}" master_ip: "{{ hostvars[groups['managers'] | select('match', 'master') | first]['private_ip'] }}" + pkg_repository: "{{ pkg_repository }}" check_port: 55000 tasks: - name: Install Wazuh server on master - command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v" + command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v -d {{ pkg_repository }}" register: wazuh when: hostvars[inventory_hostname].manager_type == 'master' @@ -27,7 +28,7 @@ poll: 5 - name: Install Wazuh server (Workers) - command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v" + command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v -d {{ pkg_repository }}" register: wazuh when: hostvars[inventory_hostname].manager_type == 'worker' diff --git a/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml b/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml index 37d8cbb..663a0a2 100644 --- a/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml +++ b/.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml @@ -5,12 +5,13 @@ vars: tmp_path: "{{ tmp_path }}" + pkg_repository: "{{ pkg_repository }}" tasks: - name: Start Wazuh indexer cluster in just one node block: - name: Start Wazuh indexer cluster - command: "bash {{ tmp_path }}/wazuh-install.sh -s -v" + command: "bash {{ tmp_path }}/wazuh-install.sh -s -v -d {{ pkg_repository }}" register: cluster when: inventory_hostname == ansible_play_hosts[0] diff --git a/.github/workflows/ansible-playbooks/provision.yml b/.github/workflows/ansible-playbooks/provision.yml index 63ef0da..4f30d8e 100644 --- a/.github/workflows/ansible-playbooks/provision.yml +++ b/.github/workflows/ansible-playbooks/provision.yml @@ -170,9 +170,5 @@ force: true - name: Generate Installation assistant - command: "bash {{ tmp_path }}/builder.sh -i -d" + command: "bash {{ tmp_path }}/builder.sh -i" - - name: Change pre-release repository to selected one - command: "sed -i 's|pre-release|{{ pkg_repository }}|g' {{ script_name }}" - args: - chdir: "{{ script_path }}" diff --git a/.github/workflows/offline-installation.yml b/.github/workflows/offline-installation.yml index 1d31ec4..ec8b986 100644 --- a/.github/workflows/offline-installation.yml +++ b/.github/workflows/offline-installation.yml @@ -20,7 +20,7 @@ jobs: - uses: actions/checkout@v4 - name: Build wazuh-install script and use staging packages - run: bash builder.sh -i -d staging + run: bash builder.sh -i - uses: actions/upload-artifact@v3 with: From 0894dddd53add001c7003085887798f5c19f0c07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 20 Sep 2024 16:30:50 +0200 Subject: [PATCH 080/126] Modified assistant reference for testing --- install_functions/installVariables.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 2427ca4..a42f2fd 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -7,8 +7,8 @@ # Foundation. ## Package vars -readonly wazuh_major="4.10" -readonly wazuh_version="4.10.0" +readonly wazuh_major="4.9" +readonly wazuh_version="4.9.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" source_branch="v${wazuh_version}" From a27a96941568b9fe650a97e1259ba9a154057e18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 20 Sep 2024 16:47:43 +0200 Subject: [PATCH 081/126] Added #57 changes for testing --- install_functions/manager.sh | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/install_functions/manager.sh b/install_functions/manager.sh index 6c7c429..e20b9dc 100644 --- a/install_functions/manager.sh +++ b/install_functions/manager.sh @@ -44,10 +44,23 @@ function manager_startCluster() { function manager_checkService() { common_logger "Checking Wazuh API connection" + + max_attempts=15 + attempt=0 + seconds=5 api_password="wazuh-wui" token_command="curl -k -s -X POST -u \"wazuh-wui:${api_password}\" https://127.0.0.1:55000/security/user/authenticate/run_as?raw=true -d '{\"user_name\":\"wzread\"}' -H \"content-type:application/json\"" TOKEN=$(eval "${token_command}") + # Wait for the API to be ready + while [[ -z "${TOKEN}" && "${attempt}" -lt "${max_attempts}" ]]; do + attempt=$((attempt+1)) + common_logger "Attempt $attempt: Checking the Wazuh API to be ready" + sleep "${seconds}" + TOKEN=$(eval "${token_command}") + done + common_logger "Wazuh API is ready to receive requests." + # Change curl credentials in case the master node has changed the passwords if [[ "${TOKEN}" =~ "Invalid credentials" && "${server_node_types[pos]}" == "worker" ]]; then api_password=$(tar -axf "${tar_file}" wazuh-install-files/wazuh-passwords.txt -O | grep -P "'wazuh-wui'" -A 1 | awk 'NR==2 { print $2 }' | sed "s/'//g") @@ -55,17 +68,6 @@ function manager_checkService() { TOKEN=$(eval "${token_command}") fi - max_attempts=15 - attempt=0 - seconds=5 - - while [[ -z "${TOKEN}" && "${attempt}" -lt "${max_attempts}" ]]; do - attempt=$((attempt+1)) - common_logger "Attempt $attempt: Trying to get Wazuh API token" - sleep "${seconds}" - TOKEN=$(eval "${token_command}") - done - if [[ -z "${TOKEN}" ]]; then common_logger -e "Failed to obtain Wazuh API token after $max_attempts attempts." installCommon_rollBack From dc2013493af5ed85ec34d777765c93920f152cd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Tue, 10 Sep 2024 09:40:31 +0200 Subject: [PATCH 082/126] added gpg key import in offline installation --- install_functions/installMain.sh | 1 + .../wazuh-offline-installation.sh | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh index ee75812..bc5a8a8 100755 --- a/install_functions/installMain.sh +++ b/install_functions/installMain.sh @@ -319,6 +319,7 @@ function main() { if [ -n "${offline_install}" ]; then offline_checkPreinstallation offline_extractFiles + offline_importGPGKey fi if [ -n "${AIO}" ] || [ -n "${indexer}" ] || [ -n "${dashboard}" ] || [ -n "${wazuh}" ]; then diff --git a/install_functions/wazuh-offline-installation.sh b/install_functions/wazuh-offline-installation.sh index dab1f82..ece9a4f 100644 --- a/install_functions/wazuh-offline-installation.sh +++ b/install_functions/wazuh-offline-installation.sh @@ -101,3 +101,21 @@ function offline_extractFiles() { common_logger -d "Offline files extracted successfully." } + +# Imports the GPG key from the extracted tar file +function offline_importGPGKey() { + if [ "${sys_type}" == "yum" ]; then + eval "rpm --import ${offline_files_path}/GPG-KEY-WAZUH ${debug}" + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Cannot import Wazuh GPG key" + exit 1 + fi + elif [ "${sys_type}" == "apt-get" ]; then + eval "gpg --no-default-keyring --keyring gnupg-ring:${offline_files_path}/GPG-KEY-WAZUH --import - ${debug}" + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Cannot import Wazuh GPG key" + exit 1 + fi + eval "chmod 644 ${offline_files_path}/GPG-KEY-WAZUH ${debug}" + fi +} From 282f706601aad62776f09a09f932a3edf8d15afa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Tue, 10 Sep 2024 12:59:53 +0200 Subject: [PATCH 083/126] change import gpg command --- install_functions/wazuh-offline-installation.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/install_functions/wazuh-offline-installation.sh b/install_functions/wazuh-offline-installation.sh index ece9a4f..5892202 100644 --- a/install_functions/wazuh-offline-installation.sh +++ b/install_functions/wazuh-offline-installation.sh @@ -104,6 +104,8 @@ function offline_extractFiles() { # Imports the GPG key from the extracted tar file function offline_importGPGKey() { + + common_logger -d "Importing Wazuh GPG key." if [ "${sys_type}" == "yum" ]; then eval "rpm --import ${offline_files_path}/GPG-KEY-WAZUH ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then @@ -111,11 +113,12 @@ function offline_importGPGKey() { exit 1 fi elif [ "${sys_type}" == "apt-get" ]; then - eval "gpg --no-default-keyring --keyring gnupg-ring:${offline_files_path}/GPG-KEY-WAZUH --import - ${debug}" + eval "gpg --import ${offline_files_path}/GPG-KEY-WAZUH ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -e "Cannot import Wazuh GPG key" exit 1 fi eval "chmod 644 ${offline_files_path}/GPG-KEY-WAZUH ${debug}" fi + } From e46685369d952e16b5fe3ac3f5421a214fe75c6d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Tue, 10 Sep 2024 09:40:31 +0200 Subject: [PATCH 084/126] added gpg key import in offline installation --- install_functions/installMain.sh | 1 + .../wazuh-offline-installation.sh | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh index c10dff0..cfcb092 100755 --- a/install_functions/installMain.sh +++ b/install_functions/installMain.sh @@ -290,6 +290,7 @@ function main() { if [ -n "${offline_install}" ]; then offline_checkPreinstallation offline_extractFiles + offline_importGPGKey fi if [ -n "${AIO}" ] || [ -n "${indexer}" ] || [ -n "${dashboard}" ] || [ -n "${wazuh}" ]; then diff --git a/install_functions/wazuh-offline-installation.sh b/install_functions/wazuh-offline-installation.sh index dab1f82..ece9a4f 100644 --- a/install_functions/wazuh-offline-installation.sh +++ b/install_functions/wazuh-offline-installation.sh @@ -101,3 +101,21 @@ function offline_extractFiles() { common_logger -d "Offline files extracted successfully." } + +# Imports the GPG key from the extracted tar file +function offline_importGPGKey() { + if [ "${sys_type}" == "yum" ]; then + eval "rpm --import ${offline_files_path}/GPG-KEY-WAZUH ${debug}" + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Cannot import Wazuh GPG key" + exit 1 + fi + elif [ "${sys_type}" == "apt-get" ]; then + eval "gpg --no-default-keyring --keyring gnupg-ring:${offline_files_path}/GPG-KEY-WAZUH --import - ${debug}" + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Cannot import Wazuh GPG key" + exit 1 + fi + eval "chmod 644 ${offline_files_path}/GPG-KEY-WAZUH ${debug}" + fi +} From f5434a1cae18b53baa9d3f0d23e0203e916be72b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Tue, 10 Sep 2024 12:59:53 +0200 Subject: [PATCH 085/126] change import gpg command --- install_functions/wazuh-offline-installation.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/install_functions/wazuh-offline-installation.sh b/install_functions/wazuh-offline-installation.sh index ece9a4f..5892202 100644 --- a/install_functions/wazuh-offline-installation.sh +++ b/install_functions/wazuh-offline-installation.sh @@ -104,6 +104,8 @@ function offline_extractFiles() { # Imports the GPG key from the extracted tar file function offline_importGPGKey() { + + common_logger -d "Importing Wazuh GPG key." if [ "${sys_type}" == "yum" ]; then eval "rpm --import ${offline_files_path}/GPG-KEY-WAZUH ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then @@ -111,11 +113,12 @@ function offline_importGPGKey() { exit 1 fi elif [ "${sys_type}" == "apt-get" ]; then - eval "gpg --no-default-keyring --keyring gnupg-ring:${offline_files_path}/GPG-KEY-WAZUH --import - ${debug}" + eval "gpg --import ${offline_files_path}/GPG-KEY-WAZUH ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -e "Cannot import Wazuh GPG key" exit 1 fi eval "chmod 644 ${offline_files_path}/GPG-KEY-WAZUH ${debug}" fi + } From 521f568f284dd053aac1c7e7567b7330e594169d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Wed, 11 Sep 2024 17:43:42 +0200 Subject: [PATCH 086/126] change filebeat passwords only when needed --- passwords_tool/passwordsFunctions.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/passwords_tool/passwordsFunctions.sh b/passwords_tool/passwordsFunctions.sh index 2316640..db803ed 100644 --- a/passwords_tool/passwordsFunctions.sh +++ b/passwords_tool/passwordsFunctions.sh @@ -46,7 +46,7 @@ function passwords_changePassword() { fi if [ "${nuser}" == "admin" ] || [ -n "${changeall}" ]; then - if [ -n "${filebeat_installed}" ]; then + if [ -n "${filebeat_installed}" ] && [ -z "${dashboard}" ]; then file_username=$(grep "username:" /etc/filebeat/filebeat.yml | awk '{print $2}') file_password=$(grep "password:" /etc/filebeat/filebeat.yml | awk '{print $2}') if [ "$file_username" != "\${username}" ] || [ "$file_password" != "\${password}" ]; then From dc9d9fc5d34462c838d7f2b9c9ccf02a8f17508f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 24 Sep 2024 09:01:19 +0200 Subject: [PATCH 087/126] Reverted changes for testing --- install_functions/installVariables.sh | 4 ++-- install_functions/manager.sh | 24 +++++++++++------------- 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index a42f2fd..2427ca4 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -7,8 +7,8 @@ # Foundation. ## Package vars -readonly wazuh_major="4.9" -readonly wazuh_version="4.9.0" +readonly wazuh_major="4.10" +readonly wazuh_version="4.10.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" source_branch="v${wazuh_version}" diff --git a/install_functions/manager.sh b/install_functions/manager.sh index e20b9dc..6c7c429 100644 --- a/install_functions/manager.sh +++ b/install_functions/manager.sh @@ -44,23 +44,10 @@ function manager_startCluster() { function manager_checkService() { common_logger "Checking Wazuh API connection" - - max_attempts=15 - attempt=0 - seconds=5 api_password="wazuh-wui" token_command="curl -k -s -X POST -u \"wazuh-wui:${api_password}\" https://127.0.0.1:55000/security/user/authenticate/run_as?raw=true -d '{\"user_name\":\"wzread\"}' -H \"content-type:application/json\"" TOKEN=$(eval "${token_command}") - # Wait for the API to be ready - while [[ -z "${TOKEN}" && "${attempt}" -lt "${max_attempts}" ]]; do - attempt=$((attempt+1)) - common_logger "Attempt $attempt: Checking the Wazuh API to be ready" - sleep "${seconds}" - TOKEN=$(eval "${token_command}") - done - common_logger "Wazuh API is ready to receive requests." - # Change curl credentials in case the master node has changed the passwords if [[ "${TOKEN}" =~ "Invalid credentials" && "${server_node_types[pos]}" == "worker" ]]; then api_password=$(tar -axf "${tar_file}" wazuh-install-files/wazuh-passwords.txt -O | grep -P "'wazuh-wui'" -A 1 | awk 'NR==2 { print $2 }' | sed "s/'//g") @@ -68,6 +55,17 @@ function manager_checkService() { TOKEN=$(eval "${token_command}") fi + max_attempts=15 + attempt=0 + seconds=5 + + while [[ -z "${TOKEN}" && "${attempt}" -lt "${max_attempts}" ]]; do + attempt=$((attempt+1)) + common_logger "Attempt $attempt: Trying to get Wazuh API token" + sleep "${seconds}" + TOKEN=$(eval "${token_command}") + done + if [[ -z "${TOKEN}" ]]; then common_logger -e "Failed to obtain Wazuh API token after $max_attempts attempts." installCommon_rollBack From bc03ca34705815a33d2b72b23810867dbb5ef23a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 24 Sep 2024 09:17:06 +0200 Subject: [PATCH 088/126] Changed source_branch for 4.10.0-alpha1 --- builder.sh | 2 +- install_functions/installVariables.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/builder.sh b/builder.sh index c07aec0..2cc4eb4 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.0" +source_branch="v4.10.0-alpha1" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 19626c1..ae81dfd 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -11,7 +11,7 @@ readonly wazuh_major="4.10" readonly wazuh_version="4.10.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" -readonly source_branch="v${wazuh_version}" +readonly source_branch="v${wazuh_version}-alpha1" ## Links and paths to resources readonly resources="https://${bucket}/${wazuh_major}" From 70a5f0ebe4ace40cdfa8197ecec75f389214f91f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 24 Sep 2024 09:24:01 +0200 Subject: [PATCH 089/126] Reverted source_branch for 4.10.0-alpha1 --- builder.sh | 2 +- install_functions/installVariables.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/builder.sh b/builder.sh index 2cc4eb4..c07aec0 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.0-alpha1" +source_branch="v4.10.0" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index ae81dfd..19626c1 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -11,7 +11,7 @@ readonly wazuh_major="4.10" readonly wazuh_version="4.10.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" -readonly source_branch="v${wazuh_version}-alpha1" +readonly source_branch="v${wazuh_version}" ## Links and paths to resources readonly resources="https://${bucket}/${wazuh_major}" From 5855d12b3d51d7a2fc0a916f78ad6a5162d60903 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Tue, 17 Sep 2024 12:57:39 +0200 Subject: [PATCH 090/126] Add header and build files steps --- .../builder_installation_assistant.yml | 71 +++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 .github/workflows/builder_installation_assistant.yml diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml new file mode 100644 index 0000000..ccd3e05 --- /dev/null +++ b/.github/workflows/builder_installation_assistant.yml @@ -0,0 +1,71 @@ +run-name: Build Installation Assistant - Wazuh installation assistant branch ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - Launched by @${{ github.actor }} +name: Build Installation Assistant + +on: + workflow_dispatch: + inputs: + WAZUH_INSTALLATION_ASSISTANT_REFERENCE: + description: 'Branch or tag of the wazuh-installation-assistant repository where the workflow will be triggered' + required: true + default: '4.10.0' + DEVELOPMENT: + description: 'Build installation assistant in development mode' + type: boolean + required: false + +env: + S3_BUCKET: "packages-dev.internal.wazuh.com" + BUILDER_PATH: "builder.sh" + WAZUH_INSTALL_NAME: "wazuh-install" + WAZUH_CERT_TOOL_NAME: "wazuh-certs-tool" + WAZUH_PASSWORD_TOOL_NAME: "wazuh-passwords-tool" + +permissions: + id-token: write + contents: read + +jobs: + Build_Installation_Assistant: + runs-on: ubuntu-latest + + steps: + - name: View parameters + run: echo "${{ toJson(inputs) }}" + + - name: Checkout wazuh-installation-assistant repository + uses: actions/checkout@v2 + with: + ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} + + - name: Configure aws credentials + uses: aws-actions/configure-aws-credentials@v3 + with: + role-to-assume: ${{ secrets.AWS_IAM_ROLE }} + aws-region: us-east-1 + - name: Change files name in builder.sh in development mode + if: ${{ inputs.DEVELOPMENT }} + run: | + sed -i 's|${{ env.WAZUH_INSTALL_NAME }}.sh|${{ env.WAZUH_INSTALL_NAME }}-${{ github.sha }}.sh|g' "${{ env.BUILDER_PATH }}" + sed -i 's|${{ env.WAZUH_CERT_TOOL_NAME }}.sh|${{ env.WAZUH_CERT_TOOL_NAME }}-${{ github.sha }}.sh|g' "${{ env.BUILDER_PATH }}" + sed -i 's|${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sh|${{ env.WAZUH_PASSWORD_TOOL_NAME }}-${{ github.sha }}.sh|g' "${{ env.BUILDER_PATH }}" + + - name: Build Installation Assistant files + run: | + command="bash builder.sh -i -c -p" + if [ "${{ inputs.DEVELOPMENT }}" == true ]; then + command="$command -d" + fi + $command + + - name: Prepare files + run: | + mkdir -p ${{ github.workspace }}/wazuh-installation-assistant-files + mv ${{ env.WAZUH_INSTALL_NAME }}*.sh ${{ github.workspace }}/wazuh-installation-assistant-files + mv ${{ env.WAZUH_CERT_TOOL_NAME }}*.sh ${{ github.workspace }}/wazuh-installation-assistant-files + mv ${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh ${{ github.workspace }}/wazuh-installation-assistant-files + + - name: Create artifact + uses: actions/upload-artifact@v4 + with: + name: wazuh-installation-assistant-files + path: ${{ github.workspace }}/wazuh-installation-assistant-files From 44f72ddd53e45e9e1b43ac34b12152e171875046 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Thu, 19 Sep 2024 10:44:01 +0200 Subject: [PATCH 091/126] Add step to upload artifacts to s3 --- .../builder_installation_assistant.yml | 42 +++++++++++-------- 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index ccd3e05..5298f16 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -1,11 +1,11 @@ -run-name: Build Installation Assistant - Wazuh installation assistant branch ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - Launched by @${{ github.actor }} +run-name: Build Installation Assistant - Wazuh installation assistant branch ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} - Launched by @${{ github.actor }} name: Build Installation Assistant on: workflow_dispatch: inputs: - WAZUH_INSTALLATION_ASSISTANT_REFERENCE: - description: 'Branch or tag of the wazuh-installation-assistant repository where the workflow will be triggered' + WAZUH_INSTALLATION_ASSISTANT_VERSION: + description: 'Branch of the wazuh-installation-assistant repository where the workflow will be triggered' required: true default: '4.10.0' DEVELOPMENT: @@ -15,6 +15,7 @@ on: env: S3_BUCKET: "packages-dev.internal.wazuh.com" + S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }}" BUILDER_PATH: "builder.sh" WAZUH_INSTALL_NAME: "wazuh-install" WAZUH_CERT_TOOL_NAME: "wazuh-certs-tool" @@ -35,7 +36,7 @@ jobs: - name: Checkout wazuh-installation-assistant repository uses: actions/checkout@v2 with: - ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} + ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v3 @@ -49,23 +50,28 @@ jobs: sed -i 's|${{ env.WAZUH_CERT_TOOL_NAME }}.sh|${{ env.WAZUH_CERT_TOOL_NAME }}-${{ github.sha }}.sh|g' "${{ env.BUILDER_PATH }}" sed -i 's|${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sh|${{ env.WAZUH_PASSWORD_TOOL_NAME }}-${{ github.sha }}.sh|g' "${{ env.BUILDER_PATH }}" - - name: Build Installation Assistant files - run: | - command="bash builder.sh -i -c -p" - if [ "${{ inputs.DEVELOPMENT }}" == true ]; then - command="$command -d" - fi - $command - + - name: Build development Installation Assistant packages + if: ${{ ! inputs.DEVELOPMENT }} + run: bash builder.sh -i -c -p + + - name: Build stage Installation Assistant packages + if: ${{ inputs.DEVELOPMENT }} + run: bash builder.sh -i -c -p -d + - name: Prepare files run: | - mkdir -p ${{ github.workspace }}/wazuh-installation-assistant-files - mv ${{ env.WAZUH_INSTALL_NAME }}*.sh ${{ github.workspace }}/wazuh-installation-assistant-files - mv ${{ env.WAZUH_CERT_TOOL_NAME }}*.sh ${{ github.workspace }}/wazuh-installation-assistant-files - mv ${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh ${{ github.workspace }}/wazuh-installation-assistant-files + mkdir -p ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + mv ${{ env.WAZUH_INSTALL_NAME }}*.sh ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + mv ${{ env.WAZUH_CERT_TOOL_NAME }}*.sh ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + mv ${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + - name: Upload files to S3 + run: | + aws s3 cp ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }} --acl public-read --recursive + - name: Create artifact + if: always() uses: actions/upload-artifact@v4 with: - name: wazuh-installation-assistant-files - path: ${{ github.workspace }}/wazuh-installation-assistant-files + name: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + path: ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} From dc81d333d0f4f017976348ffe468705b1c472c26 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Thu, 19 Sep 2024 12:27:38 +0200 Subject: [PATCH 092/126] Remove acl --- .github/workflows/builder_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 5298f16..9a7c361 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -67,7 +67,7 @@ jobs: - name: Upload files to S3 run: | - aws s3 cp ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }} --acl public-read --recursive + aws s3 cp ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }} --recursive - name: Create artifact if: always() From 202c09713323fb732b08f9693882899c0b8846bf Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Thu, 19 Sep 2024 15:27:53 +0200 Subject: [PATCH 093/126] Add short commmit sha and fix s3 repository path --- .../builder_installation_assistant.yml | 67 +++++++++++-------- 1 file changed, 40 insertions(+), 27 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 9a7c361..b8dd8d3 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -1,21 +1,31 @@ -run-name: Build Installation Assistant - Wazuh installation assistant branch ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} - Launched by @${{ github.actor }} +run-name: Build Installation Assistant ${{ inputs.id }} - Wazuh installation assistant branch ${{ github.ref_name }} - Launched by @${{ github.actor }} name: Build Installation Assistant on: workflow_dispatch: inputs: - WAZUH_INSTALLATION_ASSISTANT_VERSION: - description: 'Branch of the wazuh-installation-assistant repository where the workflow will be triggered' - required: true - default: '4.10.0' - DEVELOPMENT: - description: 'Build installation assistant in development mode' + is_stage: + description: "Is stage?" type: boolean + default: false + id: + description: "ID used to identify the workflow uniquely." + type: string + required: false + workflow_call: + inputs: + is_stage: + description: "Is stage?" + type: boolean + default: false + id: + type: string required: false env: + WAZUH_INSTALLATION_ASSISTANT_VERSION: ${{ github.ref_name }} S3_BUCKET: "packages-dev.internal.wazuh.com" - S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }}" + S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant" BUILDER_PATH: "builder.sh" WAZUH_INSTALL_NAME: "wazuh-install" WAZUH_CERT_TOOL_NAME: "wazuh-certs-tool" @@ -36,42 +46,45 @@ jobs: - name: Checkout wazuh-installation-assistant repository uses: actions/checkout@v2 with: - ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + ref: ${{ env.WAZUH_INSTALLATION_ASSISTANT_VERSION }} - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v3 with: role-to-assume: ${{ secrets.AWS_IAM_ROLE }} aws-region: us-east-1 - - name: Change files name in builder.sh in development mode - if: ${{ inputs.DEVELOPMENT }} + + - name: Get short sha and wazuh version run: | - sed -i 's|${{ env.WAZUH_INSTALL_NAME }}.sh|${{ env.WAZUH_INSTALL_NAME }}-${{ github.sha }}.sh|g' "${{ env.BUILDER_PATH }}" - sed -i 's|${{ env.WAZUH_CERT_TOOL_NAME }}.sh|${{ env.WAZUH_CERT_TOOL_NAME }}-${{ github.sha }}.sh|g' "${{ env.BUILDER_PATH }}" - sed -i 's|${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sh|${{ env.WAZUH_PASSWORD_TOOL_NAME }}-${{ github.sha }}.sh|g' "${{ env.BUILDER_PATH }}" + COMMIT_SHORT_SHA=$(git rev-parse --short ${{ github.sha }}) + WAZUH_VERSION=$(grep -oP '(?<=readonly wazuh_version=").*(?=")' ${{github.workspace}}/install_functions/installVariables.sh) + echo "WAZUH_VERSION=$WAZUH_VERSION" >> $GITHUB_ENV + echo "COMMIT_SHORT_SHA=$COMMIT_SHORT_SHA" >> $GITHUB_ENV - - name: Build development Installation Assistant packages - if: ${{ ! inputs.DEVELOPMENT }} - run: bash builder.sh -i -c -p + - name: Change files name for stage build + if: ${{ inputs.is_stage == false }} + run: | + sed -i 's|${{ env.WAZUH_INSTALL_NAME }}.sh|${{ env.WAZUH_INSTALL_NAME }}-${{ env.COMMIT_SHORT_SHA }}.sh|g' "${{ env.BUILDER_PATH }}" + sed -i 's|${{ env.WAZUH_CERT_TOOL_NAME }}.sh|${{ env.WAZUH_CERT_TOOL_NAME }}-${{ env.COMMIT_SHORT_SHA }}.sh|g' "${{ env.BUILDER_PATH }}" + sed -i 's|${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sh|${{ env.WAZUH_PASSWORD_TOOL_NAME }}-${{ env.COMMIT_SHORT_SHA }}.sh|g' "${{ env.BUILDER_PATH }}" - - name: Build stage Installation Assistant packages - if: ${{ inputs.DEVELOPMENT }} - run: bash builder.sh -i -c -p -d + - name: Build Installation Assistant packages + run: bash builder.sh -i -c -p - name: Prepare files run: | - mkdir -p ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} - mv ${{ env.WAZUH_INSTALL_NAME }}*.sh ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} - mv ${{ env.WAZUH_CERT_TOOL_NAME }}*.sh ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} - mv ${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + mkdir -p ${{ github.workspace }}/${{ env.WAZUH_VERSION }} + mv ${{ env.WAZUH_INSTALL_NAME }}*.sh ${{ github.workspace }}/${{ env.WAZUH_VERSION }} + mv ${{ env.WAZUH_CERT_TOOL_NAME }}*.sh ${{ github.workspace }}/${{ env.WAZUH_VERSION }} + mv ${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh ${{ github.workspace }}/${{ env.WAZUH_VERSION }} - name: Upload files to S3 run: | - aws s3 cp ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }} --recursive + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} --recursive - name: Create artifact if: always() uses: actions/upload-artifact@v4 with: - name: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} - path: ${{ github.workspace }}/${{ inputs.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + name: ${{ env.WAZUH_VERSION }} + path: ${{ github.workspace }}/${{ env.WAZUH_VERSION }} From 9a57c777b4e8d4038307d55caedff9b3fd868774 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Tue, 24 Sep 2024 16:02:43 +0200 Subject: [PATCH 094/126] Add s3 bucket as secret --- .github/workflows/builder_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index b8dd8d3..34ab847 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -24,7 +24,7 @@ on: env: WAZUH_INSTALLATION_ASSISTANT_VERSION: ${{ github.ref_name }} - S3_BUCKET: "packages-dev.internal.wazuh.com" + S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant" BUILDER_PATH: "builder.sh" WAZUH_INSTALL_NAME: "wazuh-install" From 71882dd7d7434e06a1ae7ca31ca4ec291e7981e8 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Tue, 24 Sep 2024 16:37:40 +0200 Subject: [PATCH 095/126] Change version to reference in the branch --- .github/workflows/builder_installation_assistant.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 34ab847..6955fc8 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -23,7 +23,7 @@ on: required: false env: - WAZUH_INSTALLATION_ASSISTANT_VERSION: ${{ github.ref_name }} + WAZUH_INSTALLATION_ASSISTANT_REFERENCE: ${{ github.ref_name }} S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant" BUILDER_PATH: "builder.sh" @@ -46,7 +46,7 @@ jobs: - name: Checkout wazuh-installation-assistant repository uses: actions/checkout@v2 with: - ref: ${{ env.WAZUH_INSTALLATION_ASSISTANT_VERSION }} + ref: ${{ env.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v3 From a18ee42a4305136fd999def8c96cc9782b77fcfb Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Tue, 24 Sep 2024 17:39:54 +0200 Subject: [PATCH 096/126] Bump version to 4.10.1 --- .../workflows/Test_installation_assistant.yml | 2 +- ...Test_installation_assistant_distributed.yml | 2 +- CHANGELOG.md | 18 ++++++++++++++++++ VERSION | 2 +- builder.sh | 2 +- install_functions/installVariables.sh | 2 +- tests/unit/suites/test-common.sh | 4 ++-- tests/unit/suites/test-dashboard.sh | 10 +++++----- tests/unit/suites/test-indexer.sh | 8 ++++---- 9 files changed, 34 insertions(+), 16 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 2c95bf5..45dd7ab 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -23,7 +23,7 @@ on: AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.0' + default: '4.10.1' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index f18a749..2cb6ea1 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -23,7 +23,7 @@ on: AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.0' + default: '4.10.1' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true diff --git a/CHANGELOG.md b/CHANGELOG.md index 12d1b26..271db36 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,24 @@ # Change Log All notable changes to this project will be documented in this file. +## [4.10.1] + +### Added + +- None + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + ## [4.10.0] ### Changed diff --git a/VERSION b/VERSION index 2da4316..ad96464 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.10.0 +4.10.1 diff --git a/builder.sh b/builder.sh index 6b551bd..95d1b63 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.0" +source_branch="v4.10.1" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 2427ca4..591acec 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -8,7 +8,7 @@ ## Package vars readonly wazuh_major="4.10" -readonly wazuh_version="4.10.0" +readonly wazuh_version="4.10.1" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" source_branch="v${wazuh_version}" diff --git a/tests/unit/suites/test-common.sh b/tests/unit/suites/test-common.sh index 30fd60e..eaa898d 100644 --- a/tests/unit/suites/test-common.sh +++ b/tests/unit/suites/test-common.sh @@ -61,7 +61,7 @@ test-04-common_checkInstalled-all-installed-yum() { @mocktrue yum list installed - @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.0-1 @wazuh + @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.1-1 @wazuh @mkdir /var/ossec @mock grep wazuh-indexer === @echo wazuh-indexer.x86_64 1.13.2-1 @wazuh @@ -105,7 +105,7 @@ test-04-common_checkInstalled-all-installed-yum() { } test-05-common_checkInstalled-all-installed-yum-assert() { - @echo "wazuh-manager.x86_64 4.10.0-1 @wazuh" + @echo "wazuh-manager.x86_64 4.10.1-1 @wazuh" @echo 1 @echo "wazuh-indexer.x86_64 4.6.0-1 @wazuh" diff --git a/tests/unit/suites/test-dashboard.sh b/tests/unit/suites/test-dashboard.sh index facc0f9..707d200 100644 --- a/tests/unit/suites/test-dashboard.sh +++ b/tests/unit/suites/test-dashboard.sh @@ -6,7 +6,7 @@ source "${base_dir}"/bach.sh @setup-test { @ignore common_logger k_certs_path="/etc/wazuh-dashboard/certs/" - wazuh_version="4.10.0" + wazuh_version="4.10.1" elasticsearch_oss_version="7.10.2" wazuh_kibana_plugin_revision="1" repobaseurl="https://packages.wazuh.com/4.x" @@ -55,7 +55,7 @@ test-03-dashboard_install-yum() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" dashboard_install } @@ -68,7 +68,7 @@ test-ASSERT-FAIL-04-dashboard_install-yum-error() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" @mockfalse yum install wazuh-dashboard-1.13.2-1 -y dashboard_install @@ -78,7 +78,7 @@ test-05-dashboard_install-apt() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" dashboard_install } @@ -91,7 +91,7 @@ test-ASSERT-FAIL-06-dashboard_install-apt-error() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" @mockfalse apt install wazuh-dashboard=1.13.2-1 -y dashboard_install diff --git a/tests/unit/suites/test-indexer.sh b/tests/unit/suites/test-indexer.sh index 7f5ab1e..cdaf053 100644 --- a/tests/unit/suites/test-indexer.sh +++ b/tests/unit/suites/test-indexer.sh @@ -49,7 +49,7 @@ test-03-indexer_install-yum() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" indexer_install } @@ -63,7 +63,7 @@ test-ASSERT-FAIL-04-indexer_install-yum-error() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" @mockfalse yum install wazuh-indexer-1.13.2-1 -y indexer_install @@ -73,7 +73,7 @@ test-05-indexer_install-apt() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" indexer_install } @@ -87,7 +87,7 @@ test-ASSERT-FAIL-06-indexer_install-apt-error() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" @mockfalse apt install wazuh-indexer=1.13.2-1 -y indexer_install From 814be0d13ee02bef7f3590ff67915ef2a15ec653 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Tue, 24 Sep 2024 18:27:45 +0200 Subject: [PATCH 097/126] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 12d1b26..4b0256d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ All notable changes to this project will be documented in this file. ### Changed +- Migrate the build Installation Assistant files jenkins workflow to GHA ([#77](https://github.com/wazuh/wazuh-installation-assistant/pull/77)) - Installation assistant distributed test rework and migration. ([#60](https://github.com/wazuh/wazuh-installation-assistant/pull/60)) - Installation assistant test and tier workflow migration ([#46](https://github.com/wazuh/wazuh-installation-assistant/pull/46/)) - Added post-install validations for the Wazuh manager and Filebeat. ([#3059](https://github.com/wazuh/wazuh-packages/pull/3059)) From aa18f6c81eb4aae8d54dab76e8dfdb18d651545e Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Wed, 25 Sep 2024 09:50:55 +0200 Subject: [PATCH 098/126] Change changelog and update artifact execution --- .github/workflows/builder_installation_assistant.yml | 5 +++-- CHANGELOG.md | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 6955fc8..e141b03 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -1,4 +1,4 @@ -run-name: Build Installation Assistant ${{ inputs.id }} - Wazuh installation assistant branch ${{ github.ref_name }} - Launched by @${{ github.actor }} +run-name: Build Installation Assistant ${{ inputs.id }} - Branch ${{ github.ref_name }} - Launched by @${{ github.actor }} name: Build Installation Assistant on: @@ -72,6 +72,7 @@ jobs: run: bash builder.sh -i -c -p - name: Prepare files + id: prepare_files run: | mkdir -p ${{ github.workspace }}/${{ env.WAZUH_VERSION }} mv ${{ env.WAZUH_INSTALL_NAME }}*.sh ${{ github.workspace }}/${{ env.WAZUH_VERSION }} @@ -83,7 +84,7 @@ jobs: aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} --recursive - name: Create artifact - if: always() + if: always() && steps.prepare_files.outcome == 'success' uses: actions/upload-artifact@v4 with: name: ${{ env.WAZUH_VERSION }} diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b0256d..0ddf7f4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. ### Changed -- Migrate the build Installation Assistant files jenkins workflow to GHA ([#77](https://github.com/wazuh/wazuh-installation-assistant/pull/77)) +- Create GHA workflow to build Wazuh Installation Assistant files. ([#77](https://github.com/wazuh/wazuh-installation-assistant/pull/77)) - Installation assistant distributed test rework and migration. ([#60](https://github.com/wazuh/wazuh-installation-assistant/pull/60)) - Installation assistant test and tier workflow migration ([#46](https://github.com/wazuh/wazuh-installation-assistant/pull/46/)) - Added post-install validations for the Wazuh manager and Filebeat. ([#3059](https://github.com/wazuh/wazuh-packages/pull/3059)) From 56a48d1d6bc1070253f73fef48d31cfce5837fa7 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Wed, 25 Sep 2024 13:58:49 +0200 Subject: [PATCH 099/126] Remove branch reference and generate artifact step --- .github/workflows/builder_installation_assistant.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index e141b03..43f3b49 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -23,7 +23,6 @@ on: required: false env: - WAZUH_INSTALLATION_ASSISTANT_REFERENCE: ${{ github.ref_name }} S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant" BUILDER_PATH: "builder.sh" @@ -45,8 +44,6 @@ jobs: - name: Checkout wazuh-installation-assistant repository uses: actions/checkout@v2 - with: - ref: ${{ env.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v3 @@ -72,7 +69,6 @@ jobs: run: bash builder.sh -i -c -p - name: Prepare files - id: prepare_files run: | mkdir -p ${{ github.workspace }}/${{ env.WAZUH_VERSION }} mv ${{ env.WAZUH_INSTALL_NAME }}*.sh ${{ github.workspace }}/${{ env.WAZUH_VERSION }} @@ -82,10 +78,3 @@ jobs: - name: Upload files to S3 run: | aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} --recursive - - - name: Create artifact - if: always() && steps.prepare_files.outcome == 'success' - uses: actions/upload-artifact@v4 - with: - name: ${{ env.WAZUH_VERSION }} - path: ${{ github.workspace }}/${{ env.WAZUH_VERSION }} From bc6effd9cf56e7b850ca77564fe7a73663b71a6a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 2 Oct 2024 15:33:58 +0200 Subject: [PATCH 100/126] Added architecture information to assistant --- install_functions/checks.sh | 2 +- install_functions/installMain.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/install_functions/checks.sh b/install_functions/checks.sh index fb003a2..582510d 100644 --- a/install_functions/checks.sh +++ b/install_functions/checks.sh @@ -12,7 +12,7 @@ function checks_arch() { arch=$(uname -m) if [ "${arch}" != "x86_64" ]; then - common_logger -e "Uncompatible system. This script must be run on a 64-bit system." + common_logger -e "Uncompatible system. This script must be run on a 64-bit (x86_64/AMD64) system." exit 1 fi } diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh index bc5a8a8..1ec1541 100755 --- a/install_functions/installMain.sh +++ b/install_functions/installMain.sh @@ -243,7 +243,7 @@ function main() { exit 0 fi - common_logger "Starting Wazuh installation assistant. Wazuh version: ${wazuh_version}" + common_logger "Starting Wazuh installation assistant. Wazuh version: ${wazuh_version} (x86_64/AMD64)" common_logger "Verbose logging redirected to ${logfile}" # -------------- Uninstall case ------------------------------------ From 9c63d35801a8c3fd423d53670c6f08fbee74ab89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 2 Oct 2024 15:40:04 +0200 Subject: [PATCH 101/126] Updated CHANGELOG for #92 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 271db36..0096589 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,7 +13,7 @@ All notable changes to this project will be documented in this file. ### Fixed -- None +- Added architecture information to assistant. ([#92](https://github.com/wazuh/wazuh-installation-assistant/pull/92)) ### Deleted From de2875878c4f8e639f7926a3041df6c31af97b75 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 3 Oct 2024 12:26:45 -0300 Subject: [PATCH 102/126] Bumped branch 4.10.2 to 4.10.2 version --- .../workflows/Test_installation_assistant.yml | 16 ++++----- ...est_installation_assistant_distributed.yml | 36 +++++++++---------- CHANGELOG.md | 18 ++++++++++ VERSION | 2 +- builder.sh | 2 +- install_functions/installVariables.sh | 2 +- tests/unit/suites/test-common.sh | 4 +-- tests/unit/suites/test-dashboard.sh | 10 +++--- tests/unit/suites/test-indexer.sh | 8 ++--- 9 files changed, 58 insertions(+), 40 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 45dd7ab..381964f 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -1,5 +1,5 @@ run-name: Test installation assistant - ${{ github.run_id }} - ${{ inputs.SYSTEMS }} - Launched by @${{ github.actor }} -name: Test installation assistant +name: Test installation assistant on: pull_request: @@ -23,7 +23,7 @@ on: AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.1' + default: '4.10.2' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true @@ -74,7 +74,7 @@ jobs: - name: View parameters run: echo "${{ toJson(inputs) }}" - + - name: Set COMPOSITE_NAME variable run: | case "${{ matrix.system }}" in @@ -115,7 +115,7 @@ jobs: - name: Install Ansible run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 - + - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -144,7 +144,7 @@ jobs: sed 's/: */=/g' $ALLOCATOR_PATH/inventory.yml > $ALLOCATOR_PATH/inventory_mod.yml sed -i 's/-o StrictHostKeyChecking=no/\"-o StrictHostKeyChecking=no\"/g' $ALLOCATOR_PATH/inventory_mod.yml source $ALLOCATOR_PATH/inventory_mod.yml - + echo "[gha_instance]" > $ALLOCATOR_PATH/inventory echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> $ALLOCATOR_PATH/inventory @@ -186,13 +186,13 @@ jobs: -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - + - name: Compress Allocator VM directory id: compress_allocator_files if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == false run: | zip -P "${{ secrets.ZIP_ARTIFACTS_PASSWORD }}" -r $ALLOCATOR_PATH.zip $ALLOCATOR_PATH - + - name: Upload Allocator VM directory as artifact if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false uses: actions/upload-artifact@v4 @@ -203,4 +203,4 @@ jobs: - name: Delete allocated VM if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output $ALLOCATOR_PATH/track.yml - + diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 2cb6ea1..d18ec84 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -1,5 +1,5 @@ run-name: (Distributed) Test installation assistant - ${{ github.run_id }} - ${{ inputs.SYSTEMS }} - Launched by @${{ github.actor }} -name: (Distributed) Test installation assistant +name: (Distributed) Test installation assistant on: pull_request: @@ -23,7 +23,7 @@ on: AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.1' + default: '4.10.2' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true @@ -76,7 +76,7 @@ jobs: - name: View parameters run: echo "${{ toJson(inputs) }}" - + - name: Set COMPOSITE_NAME variable run: | case "${{ matrix.system }}" in @@ -117,7 +117,7 @@ jobs: - name: Install Ansible run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 && pip install pyyaml && ansible-galaxy collection install community.general - + - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -152,7 +152,7 @@ jobs: echo "[managers]" > $inventory_managers echo "[dashboards]" > $inventory_dashboards echo "[all:vars]" > $inventory_common - + for i in ${!instance_names[@]}; do instance_name=${instance_names[$i]} # Provision instance in parallel @@ -178,7 +178,7 @@ jobs: if [[ $i -eq 0 ]]; then echo "indexer1 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers echo "master ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=master instance_type=indexer_manager" >> $inventory_managers - + echo "ansible_user=$ansible_user" >> $inventory_common echo "ansible_port=$ansible_port" >> $inventory_common echo "ansible_ssh_common_args='$ansible_ssh_common_args'" >> $inventory_common @@ -201,7 +201,7 @@ jobs: cat $inventory_managers >> $inventory_file cat $inventory_dashboards >> $inventory_file cat $inventory_common >> $inventory_file - + - name: Execute provision playbook run: | INSTALL_DEPS=true @@ -218,14 +218,14 @@ jobs: -e "install_python=$INSTALL_PYTHON" \ -e "install_pip_deps=$INSTALL_PIP_DEPS" \ "${{ inputs.VERBOSITY }}" - + - name: Execute certificates generation playbook run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \ -i $ALLOCATOR_PATH/inventory \ -e "resources_path=$RESOURCES_PATH" \ "${{ inputs.VERBOSITY }}" - + - name: Copy certificates to nodes run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_copy_certificates.yml \ @@ -243,7 +243,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - + - name: Execute indexer cluster start playbook run: | INDEXER_ADMIN_PASSWORD="admin" @@ -253,7 +253,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - + - name: Execute server installation playbook run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_wazuh.yml \ @@ -262,7 +262,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - + - name: Execute dashboard installation playbook run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_dashboard.yml \ @@ -271,7 +271,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - + - name: Execute Python test playbook run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_tests.yml \ @@ -280,13 +280,13 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - + - name: Compress Allocator VM directory id: compress_allocator_files if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == false run: | zip -P "${{ secrets.ZIP_ARTIFACTS_PASSWORD }}" -r $ALLOCATOR_PATH.zip $ALLOCATOR_PATH - + - name: Upload Allocator VM directory as artifact if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false uses: actions/upload-artifact@v4 @@ -298,13 +298,13 @@ jobs: if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true run: | instance_names=($INSTANCE_NAMES) - + for i in ${!instance_names[@]}; do instance_name=${instance_names[$i]} track_file="$ALLOCATOR_PATH/track_${instance_name}.yml" - + echo "Deleting instance: $instance_name using track file $track_file" - + ( # Delete instance python3 wazuh-automation/deployability/modules/allocation/main.py \ diff --git a/CHANGELOG.md b/CHANGELOG.md index 0096589..30b5e8b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,24 @@ # Change Log All notable changes to this project will be documented in this file. +## [4.10.2] + +### Added + +- None + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + ## [4.10.1] ### Added diff --git a/VERSION b/VERSION index ad96464..0216ba3 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.10.1 +4.10.2 diff --git a/builder.sh b/builder.sh index 95d1b63..0b7638a 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.1" +source_branch="v4.10.2" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 591acec..41e4a77 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -8,7 +8,7 @@ ## Package vars readonly wazuh_major="4.10" -readonly wazuh_version="4.10.1" +readonly wazuh_version="4.10.2" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" source_branch="v${wazuh_version}" diff --git a/tests/unit/suites/test-common.sh b/tests/unit/suites/test-common.sh index eaa898d..d0dbf2c 100644 --- a/tests/unit/suites/test-common.sh +++ b/tests/unit/suites/test-common.sh @@ -61,7 +61,7 @@ test-04-common_checkInstalled-all-installed-yum() { @mocktrue yum list installed - @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.1-1 @wazuh + @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.2-1 @wazuh @mkdir /var/ossec @mock grep wazuh-indexer === @echo wazuh-indexer.x86_64 1.13.2-1 @wazuh @@ -105,7 +105,7 @@ test-04-common_checkInstalled-all-installed-yum() { } test-05-common_checkInstalled-all-installed-yum-assert() { - @echo "wazuh-manager.x86_64 4.10.1-1 @wazuh" + @echo "wazuh-manager.x86_64 4.10.2-1 @wazuh" @echo 1 @echo "wazuh-indexer.x86_64 4.6.0-1 @wazuh" diff --git a/tests/unit/suites/test-dashboard.sh b/tests/unit/suites/test-dashboard.sh index 707d200..d0dfa96 100644 --- a/tests/unit/suites/test-dashboard.sh +++ b/tests/unit/suites/test-dashboard.sh @@ -6,7 +6,7 @@ source "${base_dir}"/bach.sh @setup-test { @ignore common_logger k_certs_path="/etc/wazuh-dashboard/certs/" - wazuh_version="4.10.1" + wazuh_version="4.10.2" elasticsearch_oss_version="7.10.2" wazuh_kibana_plugin_revision="1" repobaseurl="https://packages.wazuh.com/4.x" @@ -55,7 +55,7 @@ test-03-dashboard_install-yum() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" dashboard_install } @@ -68,7 +68,7 @@ test-ASSERT-FAIL-04-dashboard_install-yum-error() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" @mockfalse yum install wazuh-dashboard-1.13.2-1 -y dashboard_install @@ -78,7 +78,7 @@ test-05-dashboard_install-apt() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" dashboard_install } @@ -91,7 +91,7 @@ test-ASSERT-FAIL-06-dashboard_install-apt-error() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" @mockfalse apt install wazuh-dashboard=1.13.2-1 -y dashboard_install diff --git a/tests/unit/suites/test-indexer.sh b/tests/unit/suites/test-indexer.sh index cdaf053..808fa44 100644 --- a/tests/unit/suites/test-indexer.sh +++ b/tests/unit/suites/test-indexer.sh @@ -49,7 +49,7 @@ test-03-indexer_install-yum() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" indexer_install } @@ -63,7 +63,7 @@ test-ASSERT-FAIL-04-indexer_install-yum-error() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" @mockfalse yum install wazuh-indexer-1.13.2-1 -y indexer_install @@ -73,7 +73,7 @@ test-05-indexer_install-apt() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" indexer_install } @@ -87,7 +87,7 @@ test-ASSERT-FAIL-06-indexer_install-apt-error() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" @mockfalse apt install wazuh-indexer=1.13.2-1 -y indexer_install From 4c99a43fd1892a8d89dc16840d9481db5325a0bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Tue, 8 Oct 2024 11:55:00 +0200 Subject: [PATCH 103/126] added wazuh-installation-assistant reference input --- .github/workflows/Test_installation_assistant.yml | 6 ++++++ .../Test_installation_assistant_distributed.yml | 6 ++++++ .github/workflows/builder_installation_assistant.yml | 6 ++++++ .github/workflows/offline-installation.yml | 11 +++++++++++ 4 files changed, 29 insertions(+) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 2c95bf5..6d6c803 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -20,6 +20,10 @@ on: options: - staging - pre-release + WAZUH_INSTALLATION_ASSISTANT_REFERENCE: + description: 'Branch or tag of the wazuh-installation-assistant repository' + required: true + default: '4.10.0' AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true @@ -71,6 +75,8 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + with: + ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - name: View parameters run: echo "${{ toJson(inputs) }}" diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index f18a749..7736290 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -20,6 +20,10 @@ on: options: - staging - pre-release + WAZUH_INSTALLATION_ASSISTANT_REFERENCE: + description: 'Branch or tag of the wazuh-installation-assistant repository' + required: true + default: '4.10.0' AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true @@ -73,6 +77,8 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + with: + ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - name: View parameters run: echo "${{ toJson(inputs) }}" diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 43f3b49..161216b 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -4,6 +4,10 @@ name: Build Installation Assistant on: workflow_dispatch: inputs: + WAZUH_INSTALLATION_ASSISTANT_REFERENCE: + description: "Branch or tag of the wazuh-installation-assistant repository." + required: true + default: 4.10.0 is_stage: description: "Is stage?" type: boolean @@ -44,6 +48,8 @@ jobs: - name: Checkout wazuh-installation-assistant repository uses: actions/checkout@v2 + with: + ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v3 diff --git a/.github/workflows/offline-installation.yml b/.github/workflows/offline-installation.yml index ec8b986..4cb80b0 100644 --- a/.github/workflows/offline-installation.yml +++ b/.github/workflows/offline-installation.yml @@ -5,6 +5,11 @@ on: - 'install_functions/wazuh-offline-download.sh' - 'install_functions/wazuh-offline-installation.sh' workflow_dispatch: + inputs: + WAZUH_INSTALLATION_ASSISTANT_REFERENCE: + description: "Branch or tag of the wazuh-installation-assistant repository." + required: true + default: 4.10.0 jobs: Build-wazuh-install-script: @@ -18,6 +23,8 @@ jobs: skip_after_successful_duplicate: 'false' - uses: actions/checkout@v4 + with: + ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - name: Build wazuh-install script and use staging packages run: bash builder.sh -i @@ -33,6 +40,8 @@ jobs: needs: Build-wazuh-install-script steps: - uses: actions/checkout@v4 + with: + ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - uses: actions/download-artifact@v3 with: @@ -49,6 +58,8 @@ jobs: needs: Build-wazuh-install-script steps: - uses: actions/checkout@v4 + with: + ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} - uses: actions/download-artifact@v3 with: From 4df3157164397f18af1a00757f96e8acd689396d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Tue, 8 Oct 2024 11:55:53 +0200 Subject: [PATCH 104/126] changed actions/checkout to v4 --- .github/workflows/builder_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 161216b..a85d683 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -47,7 +47,7 @@ jobs: run: echo "${{ toJson(inputs) }}" - name: Checkout wazuh-installation-assistant repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} From 42738d82313ac631ef9b63728f47bcf46f9d32c7 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 8 Oct 2024 08:48:57 -0300 Subject: [PATCH 105/126] Testing function check prerequisites --- install_functions/installMain.sh | 4 +- install_functions/installVariables.sh | 1 + .../wazuh-offline-installation.sh | 46 ++++++++----------- 3 files changed, 21 insertions(+), 30 deletions(-) diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh index bc5a8a8..2f87eb1 100755 --- a/install_functions/installMain.sh +++ b/install_functions/installMain.sh @@ -123,7 +123,7 @@ function main() { bucket="packages-dev.wazuh.com" repository="${devrepo}" ;; - + "-fd"|"--force-install-dashboard") force=1 shift 1 @@ -257,7 +257,7 @@ function main() { if [ -z "${uninstall}" ] && [ -z "${offline_install}" ]; then installCommon_installCheckDependencies elif [ -n "${offline_install}" ]; then - offline_checkDependencies + offline_checkPrerequisites "${wia_offline_dependencies[@]}" "wia_offline_dependencies" fi common_checkInstalled diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 2427ca4..2f1b7ab 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -72,4 +72,5 @@ readonly indexer_yum_dependencies=( coreutils ) readonly indexer_apt_dependencies=( debconf adduser procps gnupg apt-transport-https ) readonly dashboard_yum_dependencies=( libcap ) readonly dashboard_apt_dependencies=( debhelper tar curl libcap2-bin gnupg apt-transport-https ) +readonly wia_offline_dependencies=( curl tar gnupg openssl lsof ) wia_dependencies_installed=() diff --git a/install_functions/wazuh-offline-installation.sh b/install_functions/wazuh-offline-installation.sh index 5892202..eae4bf9 100644 --- a/install_functions/wazuh-offline-installation.sh +++ b/install_functions/wazuh-offline-installation.sh @@ -8,46 +8,36 @@ # License (version 2) as published by the FSF - Free Software # Foundation. -# Checks the necessary dependencies for the installation -function offline_checkDependencies() { - - dependencies=( curl tar gnupg openssl lsof ) - - common_logger "Checking installed dependencies for Offline installation." - for dep in "${dependencies[@]}"; do - if [ "${sys_type}" == "yum" ]; then - eval "yum list installed 2>/dev/null | grep -q -E ^"${dep}"\\." - elif [ "${sys_type}" == "apt-get" ]; then - eval "apt list --installed 2>/dev/null | grep -q -E ^"${dep}"\/" - fi - - if [ "${PIPESTATUS[0]}" != 0 ]; then - common_logger -e "${dep} is necessary for the offline installation." - exit 1 - fi - done - common_logger -d "Offline dependencies are installed." - -} - # Checks the necessary packages needed for a Wazuh component function offline_checkPrerequisites(){ - dependencies=("$@") - common_logger "Checking prerequisites for Offline installation." + dependencies=("${!1}") + dependency_type="${2}" + + if [ "${2}" == "wia_offline_dependencies"]; + then + common_logger "Checking dependencies for Wazuh installation assistant." + else + common_logger "Checking prerequisites for Offline installation." + fi for dep in "${dependencies[@]}"; do if [ "${sys_type}" == "yum" ]; then eval "yum list installed 2>/dev/null | grep -q -E ^"${dep}"\\." elif [ "${sys_type}" == "apt-get" ]; then eval "apt list --installed 2>/dev/null | grep -q -E ^"${dep}"\/" fi - + if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -e "${dep} is necessary for the offline installation." exit 1 fi done - common_logger -d "Offline prerequisites are installed." + if [ "${2}" == "wia_offline_dependencies"]; + then + common_logger -d "Dependencies for Wazuh installation assistant are installed." + else + common_logger -d "Prerequisites for Offline installation are installed." + fi } # Checks the necessary files for the installation @@ -85,7 +75,7 @@ function offline_extractFiles() { "${offline_files_path}/wazuh-filebeat-*.tar.gz" "${offline_files_path}/wazuh-template.json" ) - + if [ "${sys_type}" == "apt-get" ]; then required_files+=("${offline_packages_path}/filebeat-oss-*.deb" "${offline_packages_path}/wazuh-dashboard_*.deb" "${offline_packages_path}/wazuh-indexer_*.deb" "${offline_packages_path}/wazuh-manager_*.deb") elif [ "${sys_type}" == "rpm" ]; then @@ -120,5 +110,5 @@ function offline_importGPGKey() { fi eval "chmod 644 ${offline_files_path}/GPG-KEY-WAZUH ${debug}" fi - + } From 37929337da6e592f39a30f09613071a1e8dcf851 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Tue, 8 Oct 2024 14:11:30 +0200 Subject: [PATCH 106/126] changelog updated --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0ddf7f4..853148f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ All notable changes to this project will be documented in this file. ### Changed +- Add input for wazuh installation assistant reference in workflows. ([#98](https://github.com/wazuh/wazuh-installation-assistant/pull/98)) - Create GHA workflow to build Wazuh Installation Assistant files. ([#77](https://github.com/wazuh/wazuh-installation-assistant/pull/77)) - Installation assistant distributed test rework and migration. ([#60](https://github.com/wazuh/wazuh-installation-assistant/pull/60)) - Installation assistant test and tier workflow migration ([#46](https://github.com/wazuh/wazuh-installation-assistant/pull/46/)) From 7b9b80d53e7ed497ddf482db1ffc0f11925ced83 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Tue, 8 Oct 2024 19:08:26 +0200 Subject: [PATCH 107/126] Fix dependences variables values in offline install --- install_functions/installMain.sh | 2 +- install_functions/wazuh-offline-installation.sh | 13 +++++++------ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh index 2f87eb1..1e27b85 100755 --- a/install_functions/installMain.sh +++ b/install_functions/installMain.sh @@ -257,7 +257,7 @@ function main() { if [ -z "${uninstall}" ] && [ -z "${offline_install}" ]; then installCommon_installCheckDependencies elif [ -n "${offline_install}" ]; then - offline_checkPrerequisites "${wia_offline_dependencies[@]}" "wia_offline_dependencies" + offline_checkPrerequisites "wia_offline_dependencies" "${wia_offline_dependencies[@]}" fi common_checkInstalled diff --git a/install_functions/wazuh-offline-installation.sh b/install_functions/wazuh-offline-installation.sh index eae4bf9..aea9a0b 100644 --- a/install_functions/wazuh-offline-installation.sh +++ b/install_functions/wazuh-offline-installation.sh @@ -11,12 +11,14 @@ # Checks the necessary packages needed for a Wazuh component function offline_checkPrerequisites(){ - dependencies=("${!1}") - dependency_type="${2}" + dependencies=( "${@}" ) + if [ $1 == "wia_offline_dependencies" ]; then + dependencies=( "${@:2}" ) + fi - if [ "${2}" == "wia_offline_dependencies"]; - then + if [ $1 == "wia_offline_dependencies" ]; then common_logger "Checking dependencies for Wazuh installation assistant." + else common_logger "Checking prerequisites for Offline installation." fi @@ -32,8 +34,7 @@ function offline_checkPrerequisites(){ exit 1 fi done - if [ "${2}" == "wia_offline_dependencies"]; - then + if [ $1 == "wia_offline_dependencies" ]; then common_logger -d "Dependencies for Wazuh installation assistant are installed." else common_logger -d "Prerequisites for Offline installation are installed." From 65c96850c08965e7e585236648fd8840a0926caf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Wed, 9 Oct 2024 11:49:18 +0200 Subject: [PATCH 108/126] unified ifs --- install_functions/wazuh-offline-installation.sh | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/install_functions/wazuh-offline-installation.sh b/install_functions/wazuh-offline-installation.sh index aea9a0b..86457f0 100644 --- a/install_functions/wazuh-offline-installation.sh +++ b/install_functions/wazuh-offline-installation.sh @@ -14,14 +14,11 @@ function offline_checkPrerequisites(){ dependencies=( "${@}" ) if [ $1 == "wia_offline_dependencies" ]; then dependencies=( "${@:2}" ) - fi - - if [ $1 == "wia_offline_dependencies" ]; then common_logger "Checking dependencies for Wazuh installation assistant." - else common_logger "Checking prerequisites for Offline installation." fi + for dep in "${dependencies[@]}"; do if [ "${sys_type}" == "yum" ]; then eval "yum list installed 2>/dev/null | grep -q -E ^"${dep}"\\." From ef980f5fde268a9cfb84465b6289f087c39b2fa8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Wed, 9 Oct 2024 13:15:22 +0200 Subject: [PATCH 109/126] updated the changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0ddf7f4..3df7873 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ All notable changes to this project will be documented in this file. ### Changed +- Deleted the offline_checkDependencies function and unified logic in offline_checkPrerequisites function. ([#99](https://github.com/wazuh/wazuh-installation-assistant/pull/99)) - Create GHA workflow to build Wazuh Installation Assistant files. ([#77](https://github.com/wazuh/wazuh-installation-assistant/pull/77)) - Installation assistant distributed test rework and migration. ([#60](https://github.com/wazuh/wazuh-installation-assistant/pull/60)) - Installation assistant test and tier workflow migration ([#46](https://github.com/wazuh/wazuh-installation-assistant/pull/46/)) From d53eb30967382ced36a4fc630cd9fb737e5758b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 10 Oct 2024 12:24:18 -0300 Subject: [PATCH 110/126] Change source branch --- builder.sh | 2 +- install_functions/installVariables.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/builder.sh b/builder.sh index 6b551bd..5d43dfa 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.0" +source_branch="v4.10.0-alpha2" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 2f1b7ab..8c5cb3a 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -11,7 +11,7 @@ readonly wazuh_major="4.10" readonly wazuh_version="4.10.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" -source_branch="v${wazuh_version}" +source_branch="v${wazuh_version}-alpha2" repogpg="https://packages.wazuh.com/key/GPG-KEY-WAZUH" repobaseurl="https://packages.wazuh.com/4.x" From 69daafdc92d9aeb2494ccad43528fc856d208228 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 10 Oct 2024 12:36:39 -0300 Subject: [PATCH 111/126] Revert source branch --- builder.sh | 2 +- install_functions/installVariables.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/builder.sh b/builder.sh index 5d43dfa..6b551bd 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.0-alpha2" +source_branch="v4.10.0" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 8c5cb3a..2f1b7ab 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -11,7 +11,7 @@ readonly wazuh_major="4.10" readonly wazuh_version="4.10.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" -source_branch="v${wazuh_version}-alpha2" +source_branch="v${wazuh_version}" repogpg="https://packages.wazuh.com/key/GPG-KEY-WAZUH" repobaseurl="https://packages.wazuh.com/4.x" From 1c4433ae665f2fec98ab32cf02636ba7a5518d33 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 11 Oct 2024 17:03:35 +0200 Subject: [PATCH 112/126] Add checksum step with artifact to test it --- .../builder_installation_assistant.yml | 48 ++++++++++++++++--- 1 file changed, 42 insertions(+), 6 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index a85d683..5ba4375 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -12,16 +12,29 @@ on: description: "Is stage?" type: boolean default: false + checksum: + description: "Add checksum" + type: boolean + default: false id: description: "ID used to identify the workflow uniquely." type: string required: false workflow_call: inputs: + WAZUH_INSTALLATION_ASSISTANT_REFERENCE: + description: "Branch or tag of the wazuh-installation-assistant repository." + type: string + required: true + default: 4.10.0 is_stage: description: "Is stage?" type: boolean default: false + checksum: + description: "Add checksum" + type: boolean + default: false id: type: string required: false @@ -73,14 +86,37 @@ jobs: - name: Build Installation Assistant packages run: bash builder.sh -i -c -p + + - name: Save files name + run: | + WAZUH_INSTALL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_INSTALL_NAME }}*.sh) + WAZUH_CERT_TOOL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_CERT_TOOL_NAME }}*.sh) + WAZUH_PASSWORD_TOOL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh) + echo "WAZUH_INSTALL_NAME=$WAZUH_INSTALL_NAME" >> $GITHUB_ENV + echo "WAZUH_CERT_TOOL_NAME=$WAZUH_CERT_TOOL_NAME" >> $GITHUB_ENV + echo "WAZUH_PASSWORD_TOOL_NAME=$WAZUH_PASSWORD_TOOL_NAME" >> $GITHUB_ENV - name: Prepare files run: | mkdir -p ${{ github.workspace }}/${{ env.WAZUH_VERSION }} - mv ${{ env.WAZUH_INSTALL_NAME }}*.sh ${{ github.workspace }}/${{ env.WAZUH_VERSION }} - mv ${{ env.WAZUH_CERT_TOOL_NAME }}*.sh ${{ github.workspace }}/${{ env.WAZUH_VERSION }} - mv ${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh ${{ github.workspace }}/${{ env.WAZUH_VERSION }} - - - name: Upload files to S3 + mv ${{ env.WAZUH_INSTALL_NAME }} ${{ github.workspace }}/${{ env.WAZUH_VERSION }} + mv ${{ env.WAZUH_CERT_TOOL_NAME }} ${{ github.workspace }}/${{ env.WAZUH_VERSION }} + mv ${{ env.WAZUH_PASSWORD_TOOL_NAME }} ${{ github.workspace }}/${{ env.WAZUH_VERSION }} + + - name: Build packages checksum + if: ${{ inputs.checksum == true }} run: | - aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} --recursive + sha512sum ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }} > ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512 + sha512sum ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }} > ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512 + sha512sum ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }} > ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512 + + - name: Build test artifact + if: always() + uses: actions/upload-artifact@v4 + with: + name: wazuh-installation-assistant-${{ env.WAZUH_VERSION }} + path: ${{ github.workspace }}/${{ env.WAZUH_VERSION }} + + # - name: Upload files to S3 + # run: | + # aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} --recursive From 6b9698f3c455fe1a1b8bdae522684730321c11e0 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 11 Oct 2024 17:11:48 +0200 Subject: [PATCH 113/126] Fix file basename --- .github/workflows/builder_installation_assistant.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 5ba4375..aac43f9 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -89,9 +89,9 @@ jobs: - name: Save files name run: | - WAZUH_INSTALL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_INSTALL_NAME }}*.sh) - WAZUH_CERT_TOOL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_CERT_TOOL_NAME }}*.sh) - WAZUH_PASSWORD_TOOL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh) + WAZUH_INSTALL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_INSTALL_NAME }}*.sh | xargs basename) + WAZUH_CERT_TOOL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_CERT_TOOL_NAME }}*.sh | xargs basename) + WAZUH_PASSWORD_TOOL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}*.sh | xargs basename) echo "WAZUH_INSTALL_NAME=$WAZUH_INSTALL_NAME" >> $GITHUB_ENV echo "WAZUH_CERT_TOOL_NAME=$WAZUH_CERT_TOOL_NAME" >> $GITHUB_ENV echo "WAZUH_PASSWORD_TOOL_NAME=$WAZUH_PASSWORD_TOOL_NAME" >> $GITHUB_ENV From 31f0d4253f80856f09b202f8d7004a595c996a8c Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 11 Oct 2024 17:35:16 +0200 Subject: [PATCH 114/126] Add upload to s3 steps --- .../builder_installation_assistant.yml | 32 +++++++++++++------ 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index aac43f9..1bfe274 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -110,13 +110,27 @@ jobs: sha512sum ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }} > ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512 sha512sum ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }} > ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512 - - name: Build test artifact - if: always() - uses: actions/upload-artifact@v4 - with: - name: wazuh-installation-assistant-${{ env.WAZUH_VERSION }} - path: ${{ github.workspace }}/${{ env.WAZUH_VERSION }} + - name: Upload files to S3 + run: | + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}" + echo "S3 wazuh-install URI: ${s3uri}" + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}" + echo "S3 wazuh-certs-tool URI: ${s3uri}" + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}" + echo "S3 wazuh-passwords-tool URI: ${s3uri}" - # - name: Upload files to S3 - # run: | - # aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} --recursive + - name: Upload checksum files to S3 + if: ${{ inputs.checksum == true }} + run: | + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512" + echo "S3 sha512 wazuh-install checksum URI: ${s3uri}" + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512" + echo "S3 sha512 wazuh-certs-tool checksum URI: ${s3uri}" + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512" + echo "S3 sha512 wazuh-passwords-tool checksum URI: ${s3uri}" \ No newline at end of file From 248087928cb6fad5d81c565e470aa404d5286a77 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 11 Oct 2024 17:45:28 +0200 Subject: [PATCH 115/126] Add bucket as string --- .github/workflows/builder_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 1bfe274..00e7d5f 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -40,7 +40,7 @@ on: required: false env: - S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} + S3_BUCKET: "packages-dev.internal.wazuh.com" S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant" BUILDER_PATH: "builder.sh" WAZUH_INSTALL_NAME: "wazuh-install" From 2867c50e847b6ceeb6481b60a7cabd0430394c82 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 11 Oct 2024 18:22:49 +0200 Subject: [PATCH 116/126] Fix s3 path --- .github/workflows/builder_installation_assistant.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 00e7d5f..9d75e51 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -112,25 +112,25 @@ jobs: - name: Upload files to S3 run: | - aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}" echo "S3 wazuh-install URI: ${s3uri}" - aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}" echo "S3 wazuh-certs-tool URI: ${s3uri}" - aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}" echo "S3 wazuh-passwords-tool URI: ${s3uri}" - name: Upload checksum files to S3 if: ${{ inputs.checksum == true }} run: | - aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512" echo "S3 sha512 wazuh-install checksum URI: ${s3uri}" - aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512" echo "S3 sha512 wazuh-certs-tool checksum URI: ${s3uri}" - aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }} + aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512" echo "S3 sha512 wazuh-passwords-tool checksum URI: ${s3uri}" \ No newline at end of file From fc19b1911321d2d648ae3f9472bef59780cba572 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 11 Oct 2024 19:17:14 +0200 Subject: [PATCH 117/126] Change URI echo ti maintain consistency --- .github/workflows/builder_installation_assistant.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 9d75e51..95df83f 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -114,7 +114,7 @@ jobs: run: | aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}" - echo "S3 wazuh-install URI: ${s3uri}" + echo "S3 wazuh-install-tool URI: ${s3uri}" aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}" echo "S3 wazuh-certs-tool URI: ${s3uri}" @@ -127,10 +127,10 @@ jobs: run: | aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512" - echo "S3 sha512 wazuh-install checksum URI: ${s3uri}" + echo "S3 sha512 wazuh-install-tool checksum URI: ${s3uri}" aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512" echo "S3 sha512 wazuh-certs-tool checksum URI: ${s3uri}" aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512" - echo "S3 sha512 wazuh-passwords-tool checksum URI: ${s3uri}" \ No newline at end of file + echo "S3 sha512 wazuh-passwords-tool checksum URI: ${s3uri}" From 231805a3dde99242b31b33a3ed5ce545da007a8b Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 15 Oct 2024 15:49:14 -0300 Subject: [PATCH 118/126] Changed GitHub Runner version to fix Python error --- .../workflows/Test_installation_assistant.yml | 16 ++++----- ...est_installation_assistant_distributed.yml | 36 +++++++++---------- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 6d6c803..ee739ee 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -1,5 +1,5 @@ run-name: Test installation assistant - ${{ github.run_id }} - ${{ inputs.SYSTEMS }} - Launched by @${{ github.actor }} -name: Test installation assistant +name: Test installation assistant on: pull_request: @@ -66,7 +66,7 @@ permissions: jobs: run-test: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: fail-fast: false # If a job fails, the rest of jobs will not be canceled matrix: @@ -80,7 +80,7 @@ jobs: - name: View parameters run: echo "${{ toJson(inputs) }}" - + - name: Set COMPOSITE_NAME variable run: | case "${{ matrix.system }}" in @@ -121,7 +121,7 @@ jobs: - name: Install Ansible run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 - + - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -150,7 +150,7 @@ jobs: sed 's/: */=/g' $ALLOCATOR_PATH/inventory.yml > $ALLOCATOR_PATH/inventory_mod.yml sed -i 's/-o StrictHostKeyChecking=no/\"-o StrictHostKeyChecking=no\"/g' $ALLOCATOR_PATH/inventory_mod.yml source $ALLOCATOR_PATH/inventory_mod.yml - + echo "[gha_instance]" > $ALLOCATOR_PATH/inventory echo "$ansible_host ansible_port=$ansible_port ansible_user=$ansible_user ansible_ssh_private_key_file=$ansible_ssh_private_key_file ansible_ssh_common_args='$ansible_ssh_common_args'" >> $ALLOCATOR_PATH/inventory @@ -192,13 +192,13 @@ jobs: -e "logs_path=$LOGS_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - + - name: Compress Allocator VM directory id: compress_allocator_files if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == false run: | zip -P "${{ secrets.ZIP_ARTIFACTS_PASSWORD }}" -r $ALLOCATOR_PATH.zip $ALLOCATOR_PATH - + - name: Upload Allocator VM directory as artifact if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false uses: actions/upload-artifact@v4 @@ -209,4 +209,4 @@ jobs: - name: Delete allocated VM if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output $ALLOCATOR_PATH/track.yml - + diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 7736290..3dec98e 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -1,5 +1,5 @@ run-name: (Distributed) Test installation assistant - ${{ github.run_id }} - ${{ inputs.SYSTEMS }} - Launched by @${{ github.actor }} -name: (Distributed) Test installation assistant +name: (Distributed) Test installation assistant on: pull_request: @@ -68,7 +68,7 @@ permissions: jobs: run-test: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: fail-fast: false # If a job fails, the rest of jobs will not be canceled matrix: @@ -82,7 +82,7 @@ jobs: - name: View parameters run: echo "${{ toJson(inputs) }}" - + - name: Set COMPOSITE_NAME variable run: | case "${{ matrix.system }}" in @@ -123,7 +123,7 @@ jobs: - name: Install Ansible run: sudo apt-get update && sudo apt install -y python3 && python3 -m pip install --user ansible-core==2.16 && pip install pyyaml && ansible-galaxy collection install community.general - + - name: Set up AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -158,7 +158,7 @@ jobs: echo "[managers]" > $inventory_managers echo "[dashboards]" > $inventory_dashboards echo "[all:vars]" > $inventory_common - + for i in ${!instance_names[@]}; do instance_name=${instance_names[$i]} # Provision instance in parallel @@ -184,7 +184,7 @@ jobs: if [[ $i -eq 0 ]]; then echo "indexer1 ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file" >> $inventory_indexers echo "master ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_private_key_file=$ansible_ssh_private_key_file manager_type=master instance_type=indexer_manager" >> $inventory_managers - + echo "ansible_user=$ansible_user" >> $inventory_common echo "ansible_port=$ansible_port" >> $inventory_common echo "ansible_ssh_common_args='$ansible_ssh_common_args'" >> $inventory_common @@ -207,7 +207,7 @@ jobs: cat $inventory_managers >> $inventory_file cat $inventory_dashboards >> $inventory_file cat $inventory_common >> $inventory_file - + - name: Execute provision playbook run: | INSTALL_DEPS=true @@ -224,14 +224,14 @@ jobs: -e "install_python=$INSTALL_PYTHON" \ -e "install_pip_deps=$INSTALL_PIP_DEPS" \ "${{ inputs.VERBOSITY }}" - + - name: Execute certificates generation playbook run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \ -i $ALLOCATOR_PATH/inventory \ -e "resources_path=$RESOURCES_PATH" \ "${{ inputs.VERBOSITY }}" - + - name: Copy certificates to nodes run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_copy_certificates.yml \ @@ -249,7 +249,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - + - name: Execute indexer cluster start playbook run: | INDEXER_ADMIN_PASSWORD="admin" @@ -259,7 +259,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - + - name: Execute server installation playbook run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_wazuh.yml \ @@ -268,7 +268,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - + - name: Execute dashboard installation playbook run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_install_dashboard.yml \ @@ -277,7 +277,7 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "pkg_repository=$PKG_REPOSITORY" \ "${{ inputs.VERBOSITY }}" - + - name: Execute Python test playbook run: | ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_tests.yml \ @@ -286,13 +286,13 @@ jobs: -e "tmp_path=$TMP_PATH" \ -e "test_name=$TEST_NAME" \ "${{ inputs.VERBOSITY }}" - + - name: Compress Allocator VM directory id: compress_allocator_files if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == false run: | zip -P "${{ secrets.ZIP_ARTIFACTS_PASSWORD }}" -r $ALLOCATOR_PATH.zip $ALLOCATOR_PATH - + - name: Upload Allocator VM directory as artifact if: always() && steps.compress_allocator_files.outcome == 'success' && inputs.DESTROY == false uses: actions/upload-artifact@v4 @@ -304,13 +304,13 @@ jobs: if: always() && steps.allocator_instance.outcome == 'success' && inputs.DESTROY == true run: | instance_names=($INSTANCE_NAMES) - + for i in ${!instance_names[@]}; do instance_name=${instance_names[$i]} track_file="$ALLOCATOR_PATH/track_${instance_name}.yml" - + echo "Deleting instance: $instance_name using track file $track_file" - + ( # Delete instance python3 wazuh-automation/deployability/modules/allocation/main.py \ From 4240e02c0d9c61b2c246c6d27215ac52247c6c44 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 15 Oct 2024 16:01:10 -0300 Subject: [PATCH 119/126] Updated changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f16cf6c..a1010cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ All notable changes to this project will be documented in this file. ### Fixed +- Changed GitHub Runner version to fix Python error ([#110](https://github.com/wazuh/wazuh-installation-assistant/pull/110)) - Fixed Wazuh API validation ([#29](https://github.com/wazuh/wazuh-installation-assistant/pull/29)) - Fixed token variable empty in Wazuh manager check ([#45](https://github.com/wazuh/wazuh-installation-assistant/pull/45)) - Fixed manager check in distributed deployment ([#52](https://github.com/wazuh/wazuh-installation-assistant/pull/52)) From b0b73474044716b584fdb3eb765b909e1838007b Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Wed, 16 Oct 2024 16:34:19 +0200 Subject: [PATCH 120/126] Change variables name --- .github/workflows/builder_installation_assistant.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 95df83f..327a375 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -4,7 +4,7 @@ name: Build Installation Assistant on: workflow_dispatch: inputs: - WAZUH_INSTALLATION_ASSISTANT_REFERENCE: + wazuh_installation_assistant_reference: description: "Branch or tag of the wazuh-installation-assistant repository." required: true default: 4.10.0 @@ -22,7 +22,7 @@ on: required: false workflow_call: inputs: - WAZUH_INSTALLATION_ASSISTANT_REFERENCE: + wazuh_installation_assistant_reference: description: "Branch or tag of the wazuh-installation-assistant repository." type: string required: true @@ -40,7 +40,7 @@ on: required: false env: - S3_BUCKET: "packages-dev.internal.wazuh.com" + S3_BUCKET: ${{ vars.AWS_S3_BUCKET}} S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant" BUILDER_PATH: "builder.sh" WAZUH_INSTALL_NAME: "wazuh-install" @@ -62,7 +62,7 @@ jobs: - name: Checkout wazuh-installation-assistant repository uses: actions/checkout@v4 with: - ref: ${{ inputs.WAZUH_INSTALLATION_ASSISTANT_REFERENCE }} + ref: ${{ inputs.wazuh_installation_assistant_reference }} - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v3 @@ -127,7 +127,7 @@ jobs: run: | aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512" - echo "S3 sha512 wazuh-install-tool checksum URI: ${s3uri}" + echo "S3 sha512 wazuh-install checksum URI: ${s3uri}" aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512 s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512" echo "S3 sha512 wazuh-certs-tool checksum URI: ${s3uri}" From 5b13891fad71aa426ab3e0201271faa1eb7d55a9 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Wed, 16 Oct 2024 16:42:20 +0200 Subject: [PATCH 121/126] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a1010cd..4c1e559 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ All notable changes to this project will be documented in this file. ### Changed +- Add checksum input and update the upload files to S3 steps ([#106](https://github.com/wazuh/wazuh-installation-assistant/pull/106)) - Deleted the offline_checkDependencies function and unified logic in offline_checkPrerequisites function. ([#99](https://github.com/wazuh/wazuh-installation-assistant/pull/99)) - Add input for wazuh installation assistant reference in workflows. ([#98](https://github.com/wazuh/wazuh-installation-assistant/pull/98)) - Create GHA workflow to build Wazuh Installation Assistant files. ([#77](https://github.com/wazuh/wazuh-installation-assistant/pull/77)) From d24d2a57e4896e13460928bbef3ec583a6b9020a Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Wed, 16 Oct 2024 16:47:07 +0200 Subject: [PATCH 122/126] Fix s3 bucket env variable --- .github/workflows/builder_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 327a375..faea88f 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -40,7 +40,7 @@ on: required: false env: - S3_BUCKET: ${{ vars.AWS_S3_BUCKET}} + S3_BUCKET: ${{ vars.AWS_S3_BUCKET }} S3_REPOSITORY_PATH: "development/wazuh/4.x/secondary/installation-assistant" BUILDER_PATH: "builder.sh" WAZUH_INSTALL_NAME: "wazuh-install" From 632a162490e50ecc8578362cecb67dd6f61d6e3a Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Wed, 16 Oct 2024 16:52:44 +0200 Subject: [PATCH 123/126] Remove -tool from echo in upload files to S3 step --- .github/workflows/builder_installation_assistant.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index faea88f..892d6ac 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -114,7 +114,7 @@ jobs: run: | aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}" - echo "S3 wazuh-install-tool URI: ${s3uri}" + echo "S3 wazuh-install URI: ${s3uri}" aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}" echo "S3 wazuh-certs-tool URI: ${s3uri}" From 7aa178bc98d8d38b5b949d6ee14b2c29c7ac6b87 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 17 Oct 2024 12:36:24 -0300 Subject: [PATCH 124/126] Merge 4.10.0 into 4.10.1 --- .github/workflows/Test_installation_assistant.yml | 4 ++-- .../Test_installation_assistant_distributed.yml | 4 ++-- .../workflows/builder_installation_assistant.yml | 14 +++++++------- .github/workflows/offline-installation.yml | 2 +- builder.sh | 2 +- install_functions/installVariables.sh | 2 +- tests/unit/suites/test-common.sh | 6 +++--- tests/unit/suites/test-dashboard.sh | 10 +++++----- tests/unit/suites/test-indexer.sh | 8 ++++---- 9 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index ee739ee..3eab02f 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -23,11 +23,11 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: 'Branch or tag of the wazuh-installation-assistant repository' required: true - default: '4.10.0' + default: '4.10.1' AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.0' + default: '4.10.1' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 3dec98e..bc80f6e 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -23,11 +23,11 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: 'Branch or tag of the wazuh-installation-assistant repository' required: true - default: '4.10.0' + default: '4.10.1' AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.0' + default: '4.10.1' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 892d6ac..0414b05 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -7,7 +7,7 @@ on: wazuh_installation_assistant_reference: description: "Branch or tag of the wazuh-installation-assistant repository." required: true - default: 4.10.0 + default: 4.10.1 is_stage: description: "Is stage?" type: boolean @@ -26,7 +26,7 @@ on: description: "Branch or tag of the wazuh-installation-assistant repository." type: string required: true - default: 4.10.0 + default: 4.10.1 is_stage: description: "Is stage?" type: boolean @@ -63,13 +63,13 @@ jobs: uses: actions/checkout@v4 with: ref: ${{ inputs.wazuh_installation_assistant_reference }} - + - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v3 with: role-to-assume: ${{ secrets.AWS_IAM_ROLE }} aws-region: us-east-1 - + - name: Get short sha and wazuh version run: | COMMIT_SHORT_SHA=$(git rev-parse --short ${{ github.sha }}) @@ -86,7 +86,7 @@ jobs: - name: Build Installation Assistant packages run: bash builder.sh -i -c -p - + - name: Save files name run: | WAZUH_INSTALL_NAME=$(ls ${{ github.workspace }}/${{ env.WAZUH_INSTALL_NAME }}*.sh | xargs basename) @@ -102,14 +102,14 @@ jobs: mv ${{ env.WAZUH_INSTALL_NAME }} ${{ github.workspace }}/${{ env.WAZUH_VERSION }} mv ${{ env.WAZUH_CERT_TOOL_NAME }} ${{ github.workspace }}/${{ env.WAZUH_VERSION }} mv ${{ env.WAZUH_PASSWORD_TOOL_NAME }} ${{ github.workspace }}/${{ env.WAZUH_VERSION }} - + - name: Build packages checksum if: ${{ inputs.checksum == true }} run: | sha512sum ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }} > ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }}.sha512 sha512sum ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }} > ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_CERT_TOOL_NAME }}.sha512 sha512sum ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }} > ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_PASSWORD_TOOL_NAME }}.sha512 - + - name: Upload files to S3 run: | aws s3 cp ${{ github.workspace }}/${{ env.WAZUH_VERSION }}/${{ env.WAZUH_INSTALL_NAME }} s3://${{ env.S3_BUCKET }}/${{ env.S3_REPOSITORY_PATH }}/${{ env.WAZUH_VERSION }}/ diff --git a/.github/workflows/offline-installation.yml b/.github/workflows/offline-installation.yml index 4cb80b0..3e841b6 100644 --- a/.github/workflows/offline-installation.yml +++ b/.github/workflows/offline-installation.yml @@ -9,7 +9,7 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: "Branch or tag of the wazuh-installation-assistant repository." required: true - default: 4.10.0 + default: 4.10.1 jobs: Build-wazuh-install-script: diff --git a/builder.sh b/builder.sh index 6b551bd..95d1b63 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.0" +source_branch="v4.10.1" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 2f1b7ab..229153a 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -8,7 +8,7 @@ ## Package vars readonly wazuh_major="4.10" -readonly wazuh_version="4.10.0" +readonly wazuh_version="4.10.1" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" source_branch="v${wazuh_version}" diff --git a/tests/unit/suites/test-common.sh b/tests/unit/suites/test-common.sh index 30fd60e..6f13fe4 100644 --- a/tests/unit/suites/test-common.sh +++ b/tests/unit/suites/test-common.sh @@ -61,7 +61,7 @@ test-04-common_checkInstalled-all-installed-yum() { @mocktrue yum list installed - @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.0-1 @wazuh + @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.1-1 @wazuh @mkdir /var/ossec @mock grep wazuh-indexer === @echo wazuh-indexer.x86_64 1.13.2-1 @wazuh @@ -105,10 +105,10 @@ test-04-common_checkInstalled-all-installed-yum() { } test-05-common_checkInstalled-all-installed-yum-assert() { - @echo "wazuh-manager.x86_64 4.10.0-1 @wazuh" + @echo "wazuh-manager.x86_64 4.10.1-1 @wazuh" @echo 1 - @echo "wazuh-indexer.x86_64 4.6.0-1 @wazuh" + @echo "wazuh-indexer.x86_64 4.10.1-1 @wazuh" @echo 1 @echo "filebeat.x86_64 7.10.2-1 @wazuh" diff --git a/tests/unit/suites/test-dashboard.sh b/tests/unit/suites/test-dashboard.sh index facc0f9..707d200 100644 --- a/tests/unit/suites/test-dashboard.sh +++ b/tests/unit/suites/test-dashboard.sh @@ -6,7 +6,7 @@ source "${base_dir}"/bach.sh @setup-test { @ignore common_logger k_certs_path="/etc/wazuh-dashboard/certs/" - wazuh_version="4.10.0" + wazuh_version="4.10.1" elasticsearch_oss_version="7.10.2" wazuh_kibana_plugin_revision="1" repobaseurl="https://packages.wazuh.com/4.x" @@ -55,7 +55,7 @@ test-03-dashboard_install-yum() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" dashboard_install } @@ -68,7 +68,7 @@ test-ASSERT-FAIL-04-dashboard_install-yum-error() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" @mockfalse yum install wazuh-dashboard-1.13.2-1 -y dashboard_install @@ -78,7 +78,7 @@ test-05-dashboard_install-apt() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" dashboard_install } @@ -91,7 +91,7 @@ test-ASSERT-FAIL-06-dashboard_install-apt-error() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" @mockfalse apt install wazuh-dashboard=1.13.2-1 -y dashboard_install diff --git a/tests/unit/suites/test-indexer.sh b/tests/unit/suites/test-indexer.sh index 7f5ab1e..cdaf053 100644 --- a/tests/unit/suites/test-indexer.sh +++ b/tests/unit/suites/test-indexer.sh @@ -49,7 +49,7 @@ test-03-indexer_install-yum() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" indexer_install } @@ -63,7 +63,7 @@ test-ASSERT-FAIL-04-indexer_install-yum-error() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" @mockfalse yum install wazuh-indexer-1.13.2-1 -y indexer_install @@ -73,7 +73,7 @@ test-05-indexer_install-apt() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" indexer_install } @@ -87,7 +87,7 @@ test-ASSERT-FAIL-06-indexer_install-apt-error() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.0" + wazuh_version="4.10.1" wazuh_revision="1" @mockfalse apt install wazuh-indexer=1.13.2-1 -y indexer_install From 13b9b643326c4fa6d3c16f51b12f84d2d40ad727 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 17 Oct 2024 12:52:27 -0300 Subject: [PATCH 125/126] Merge 4.10.1 into 4.10.2 --- .github/workflows/Test_installation_assistant.yml | 4 ++-- .../Test_installation_assistant_distributed.yml | 4 ++-- .github/workflows/builder_installation_assistant.yml | 4 ++-- .github/workflows/offline-installation.yml | 2 +- VERSION | 2 +- builder.sh | 2 +- install_functions/installVariables.sh | 2 +- tests/unit/suites/test-common.sh | 6 +++--- tests/unit/suites/test-dashboard.sh | 10 +++++----- tests/unit/suites/test-indexer.sh | 8 ++++---- 10 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 3eab02f..09f9158 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -23,11 +23,11 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: 'Branch or tag of the wazuh-installation-assistant repository' required: true - default: '4.10.1' + default: '4.10.2' AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.1' + default: '4.10.2' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index bc80f6e..75215dc 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -23,11 +23,11 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: 'Branch or tag of the wazuh-installation-assistant repository' required: true - default: '4.10.1' + default: '4.10.2' AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.1' + default: '4.10.2' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 0414b05..2446b8e 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -7,7 +7,7 @@ on: wazuh_installation_assistant_reference: description: "Branch or tag of the wazuh-installation-assistant repository." required: true - default: 4.10.1 + default: 4.10.2 is_stage: description: "Is stage?" type: boolean @@ -26,7 +26,7 @@ on: description: "Branch or tag of the wazuh-installation-assistant repository." type: string required: true - default: 4.10.1 + default: 4.10.2 is_stage: description: "Is stage?" type: boolean diff --git a/.github/workflows/offline-installation.yml b/.github/workflows/offline-installation.yml index 3e841b6..915397f 100644 --- a/.github/workflows/offline-installation.yml +++ b/.github/workflows/offline-installation.yml @@ -9,7 +9,7 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: "Branch or tag of the wazuh-installation-assistant repository." required: true - default: 4.10.1 + default: 4.10.2 jobs: Build-wazuh-install-script: diff --git a/VERSION b/VERSION index ad96464..0216ba3 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.10.1 +4.10.2 diff --git a/builder.sh b/builder.sh index 95d1b63..0b7638a 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.1" +source_branch="v4.10.2" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 229153a..20e4a43 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -8,7 +8,7 @@ ## Package vars readonly wazuh_major="4.10" -readonly wazuh_version="4.10.1" +readonly wazuh_version="4.10.2" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" source_branch="v${wazuh_version}" diff --git a/tests/unit/suites/test-common.sh b/tests/unit/suites/test-common.sh index 6f13fe4..faa2d83 100644 --- a/tests/unit/suites/test-common.sh +++ b/tests/unit/suites/test-common.sh @@ -61,7 +61,7 @@ test-04-common_checkInstalled-all-installed-yum() { @mocktrue yum list installed - @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.1-1 @wazuh + @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.2-1 @wazuh @mkdir /var/ossec @mock grep wazuh-indexer === @echo wazuh-indexer.x86_64 1.13.2-1 @wazuh @@ -105,10 +105,10 @@ test-04-common_checkInstalled-all-installed-yum() { } test-05-common_checkInstalled-all-installed-yum-assert() { - @echo "wazuh-manager.x86_64 4.10.1-1 @wazuh" + @echo "wazuh-manager.x86_64 4.10.2-1 @wazuh" @echo 1 - @echo "wazuh-indexer.x86_64 4.10.1-1 @wazuh" + @echo "wazuh-indexer.x86_64 4.10.2-1 @wazuh" @echo 1 @echo "filebeat.x86_64 7.10.2-1 @wazuh" diff --git a/tests/unit/suites/test-dashboard.sh b/tests/unit/suites/test-dashboard.sh index 707d200..d0dfa96 100644 --- a/tests/unit/suites/test-dashboard.sh +++ b/tests/unit/suites/test-dashboard.sh @@ -6,7 +6,7 @@ source "${base_dir}"/bach.sh @setup-test { @ignore common_logger k_certs_path="/etc/wazuh-dashboard/certs/" - wazuh_version="4.10.1" + wazuh_version="4.10.2" elasticsearch_oss_version="7.10.2" wazuh_kibana_plugin_revision="1" repobaseurl="https://packages.wazuh.com/4.x" @@ -55,7 +55,7 @@ test-03-dashboard_install-yum() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" dashboard_install } @@ -68,7 +68,7 @@ test-ASSERT-FAIL-04-dashboard_install-yum-error() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" @mockfalse yum install wazuh-dashboard-1.13.2-1 -y dashboard_install @@ -78,7 +78,7 @@ test-05-dashboard_install-apt() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" dashboard_install } @@ -91,7 +91,7 @@ test-ASSERT-FAIL-06-dashboard_install-apt-error() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" @mockfalse apt install wazuh-dashboard=1.13.2-1 -y dashboard_install diff --git a/tests/unit/suites/test-indexer.sh b/tests/unit/suites/test-indexer.sh index cdaf053..808fa44 100644 --- a/tests/unit/suites/test-indexer.sh +++ b/tests/unit/suites/test-indexer.sh @@ -49,7 +49,7 @@ test-03-indexer_install-yum() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" indexer_install } @@ -63,7 +63,7 @@ test-ASSERT-FAIL-04-indexer_install-yum-error() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" @mockfalse yum install wazuh-indexer-1.13.2-1 -y indexer_install @@ -73,7 +73,7 @@ test-05-indexer_install-apt() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" indexer_install } @@ -87,7 +87,7 @@ test-ASSERT-FAIL-06-indexer_install-apt-error() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.1" + wazuh_version="4.10.2" wazuh_revision="1" @mockfalse apt install wazuh-indexer=1.13.2-1 -y indexer_install From 33f313b02bf5ffe6d3e19653ee2b32bb0d4ff930 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 17 Oct 2024 13:03:03 -0300 Subject: [PATCH 126/126] Merge 4.10.2 into main --- .github/workflows/Test_installation_assistant.yml | 4 ++-- .../Test_installation_assistant_distributed.yml | 4 ++-- .github/workflows/builder_installation_assistant.yml | 4 ++-- .github/workflows/offline-installation.yml | 2 +- VERSION | 2 +- builder.sh | 2 +- install_functions/installVariables.sh | 4 ++-- tests/unit/suites/test-common.sh | 6 +++--- tests/unit/suites/test-dashboard.sh | 10 +++++----- tests/unit/suites/test-indexer.sh | 8 ++++---- 10 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/Test_installation_assistant.yml b/.github/workflows/Test_installation_assistant.yml index 09f9158..81e5178 100644 --- a/.github/workflows/Test_installation_assistant.yml +++ b/.github/workflows/Test_installation_assistant.yml @@ -23,11 +23,11 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: 'Branch or tag of the wazuh-installation-assistant repository' required: true - default: '4.10.2' + default: 'main' AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.2' + default: 'master' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true diff --git a/.github/workflows/Test_installation_assistant_distributed.yml b/.github/workflows/Test_installation_assistant_distributed.yml index 75215dc..9dd4e2b 100644 --- a/.github/workflows/Test_installation_assistant_distributed.yml +++ b/.github/workflows/Test_installation_assistant_distributed.yml @@ -23,11 +23,11 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: 'Branch or tag of the wazuh-installation-assistant repository' required: true - default: '4.10.2' + default: 'main' AUTOMATION_REFERENCE: description: 'Branch or tag of the wazuh-automation repository' required: true - default: '4.10.2' + default: 'master' SYSTEMS: description: 'Operating Systems (list of comma-separated quoted strings enclosed in square brackets)' required: true diff --git a/.github/workflows/builder_installation_assistant.yml b/.github/workflows/builder_installation_assistant.yml index 2446b8e..8d46475 100644 --- a/.github/workflows/builder_installation_assistant.yml +++ b/.github/workflows/builder_installation_assistant.yml @@ -7,7 +7,7 @@ on: wazuh_installation_assistant_reference: description: "Branch or tag of the wazuh-installation-assistant repository." required: true - default: 4.10.2 + default: main is_stage: description: "Is stage?" type: boolean @@ -26,7 +26,7 @@ on: description: "Branch or tag of the wazuh-installation-assistant repository." type: string required: true - default: 4.10.2 + default: main is_stage: description: "Is stage?" type: boolean diff --git a/.github/workflows/offline-installation.yml b/.github/workflows/offline-installation.yml index 915397f..3387251 100644 --- a/.github/workflows/offline-installation.yml +++ b/.github/workflows/offline-installation.yml @@ -9,7 +9,7 @@ on: WAZUH_INSTALLATION_ASSISTANT_REFERENCE: description: "Branch or tag of the wazuh-installation-assistant repository." required: true - default: 4.10.2 + default: main jobs: Build-wazuh-install-script: diff --git a/VERSION b/VERSION index 0216ba3..0062ac9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.10.2 +5.0.0 diff --git a/builder.sh b/builder.sh index 0b7638a..ad9017b 100755 --- a/builder.sh +++ b/builder.sh @@ -16,7 +16,7 @@ readonly resources_certs="${base_path_builder}/cert_tool" readonly resources_passwords="${base_path_builder}/passwords_tool" readonly resources_common="${base_path_builder}/common_functions" readonly resources_download="${base_path_builder}/downloader" -source_branch="v4.10.2" +source_branch="v5.0.0" function getHelp() { diff --git a/install_functions/installVariables.sh b/install_functions/installVariables.sh index 20e4a43..9f014fe 100644 --- a/install_functions/installVariables.sh +++ b/install_functions/installVariables.sh @@ -7,8 +7,8 @@ # Foundation. ## Package vars -readonly wazuh_major="4.10" -readonly wazuh_version="4.10.2" +readonly wazuh_major="5.0" +readonly wazuh_version="5.0.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" source_branch="v${wazuh_version}" diff --git a/tests/unit/suites/test-common.sh b/tests/unit/suites/test-common.sh index faa2d83..31f5a45 100644 --- a/tests/unit/suites/test-common.sh +++ b/tests/unit/suites/test-common.sh @@ -61,7 +61,7 @@ test-04-common_checkInstalled-all-installed-yum() { @mocktrue yum list installed - @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.10.2-1 @wazuh + @mock grep wazuh-manager === @echo wazuh-manager.x86_64 5.0.0-1 @wazuh @mkdir /var/ossec @mock grep wazuh-indexer === @echo wazuh-indexer.x86_64 1.13.2-1 @wazuh @@ -105,10 +105,10 @@ test-04-common_checkInstalled-all-installed-yum() { } test-05-common_checkInstalled-all-installed-yum-assert() { - @echo "wazuh-manager.x86_64 4.10.2-1 @wazuh" + @echo "wazuh-manager.x86_64 5.0.0-1 @wazuh" @echo 1 - @echo "wazuh-indexer.x86_64 4.10.2-1 @wazuh" + @echo "wazuh-indexer.x86_64 5.0.0-1 @wazuh" @echo 1 @echo "filebeat.x86_64 7.10.2-1 @wazuh" diff --git a/tests/unit/suites/test-dashboard.sh b/tests/unit/suites/test-dashboard.sh index d0dfa96..ba81110 100644 --- a/tests/unit/suites/test-dashboard.sh +++ b/tests/unit/suites/test-dashboard.sh @@ -6,7 +6,7 @@ source "${base_dir}"/bach.sh @setup-test { @ignore common_logger k_certs_path="/etc/wazuh-dashboard/certs/" - wazuh_version="4.10.2" + wazuh_version="5.0.0" elasticsearch_oss_version="7.10.2" wazuh_kibana_plugin_revision="1" repobaseurl="https://packages.wazuh.com/4.x" @@ -55,7 +55,7 @@ test-03-dashboard_install-yum() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.2" + wazuh_version="5.0.0" wazuh_revision="1" dashboard_install } @@ -68,7 +68,7 @@ test-ASSERT-FAIL-04-dashboard_install-yum-error() { load-dashboard_install sys_type="yum" sep="-" - wazuh_version="4.10.2" + wazuh_version="5.0.0" wazuh_revision="1" @mockfalse yum install wazuh-dashboard-1.13.2-1 -y dashboard_install @@ -78,7 +78,7 @@ test-05-dashboard_install-apt() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.2" + wazuh_version="5.0.0" wazuh_revision="1" dashboard_install } @@ -91,7 +91,7 @@ test-ASSERT-FAIL-06-dashboard_install-apt-error() { load-dashboard_install sys_type="apt-get" sep="=" - wazuh_version="4.10.2" + wazuh_version="5.0.0" wazuh_revision="1" @mockfalse apt install wazuh-dashboard=1.13.2-1 -y dashboard_install diff --git a/tests/unit/suites/test-indexer.sh b/tests/unit/suites/test-indexer.sh index 808fa44..7e2e831 100644 --- a/tests/unit/suites/test-indexer.sh +++ b/tests/unit/suites/test-indexer.sh @@ -49,7 +49,7 @@ test-03-indexer_install-yum() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.2" + wazuh_version="5.0.0" wazuh_revision="1" indexer_install } @@ -63,7 +63,7 @@ test-ASSERT-FAIL-04-indexer_install-yum-error() { load-indexer_install sys_type="yum" sep="-" - wazuh_version="4.10.2" + wazuh_version="5.0.0" wazuh_revision="1" @mockfalse yum install wazuh-indexer-1.13.2-1 -y indexer_install @@ -73,7 +73,7 @@ test-05-indexer_install-apt() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.2" + wazuh_version="5.0.0" wazuh_revision="1" indexer_install } @@ -87,7 +87,7 @@ test-ASSERT-FAIL-06-indexer_install-apt-error() { load-indexer_install sys_type="apt-get" sep="=" - wazuh_version="4.10.2" + wazuh_version="5.0.0" wazuh_revision="1" @mockfalse apt install wazuh-indexer=1.13.2-1 -y indexer_install