Migrated repository selection from builder.sh to wazuh-install.sh

.github/workflows/Test_installation_assistant.yml

@@ -160,7 +160,6 @@ jobs:
         -e "repository=$REPOSITORY_URL" \
         -e "reference=${{ github.ref_name }}" \
         -e "tmp_path=$TMP_PATH" \
-        -e "pkg_repository=$PKG_REPOSITORY" \
         -e "install_deps=$INSTALL_DEPS" \
         -e "install_python=$INSTALL_PYTHON" \
         -e "install_pip_deps=$INSTALL_PIP_DEPS" \
@@ -174,6 +173,7 @@ jobs:
         -e "tmp_path=$TMP_PATH" \
         -e "logs_path=$LOGS_PATH" \
         -e "test_name=$TEST_NAME" \
+        -e "pkg_repository=$PKG_REPOSITORY" \
         "${{ inputs.VERBOSITY }}"
 
     - name: Execute Python test playbook

.github/workflows/Test_installation_assistant_distributed.yml

@@ -214,7 +214,6 @@ jobs:
         -e "repository=$REPOSITORY_URL" \
         -e "reference=${{ github.ref_name }}" \
         -e "tmp_path=$TMP_PATH" \
-        -e "pkg_repository=$PKG_REPOSITORY" \
         -e "install_deps=$INSTALL_DEPS" \
         -e "install_python=$INSTALL_PYTHON" \
         -e "install_pip_deps=$INSTALL_PIP_DEPS" \
@@ -225,7 +224,6 @@ jobs:
         ANSIBLE_STDOUT_CALLBACK=$ANSIBLE_CALLBACK ansible-playbook .github/workflows/ansible-playbooks/distributed_generate_certificates.yml \
         -i $ALLOCATOR_PATH/inventory \
         -e "resources_path=$RESOURCES_PATH" \
-        -e "pkg_repository=$PKG_REPOSITORY" \
         "${{ inputs.VERBOSITY }}"
 
     - name: Copy certificates to nodes
@@ -243,6 +241,7 @@ jobs:
         -i $ALLOCATOR_PATH/inventory \
         -l indexers \
         -e "tmp_path=$TMP_PATH" \
+        -e "pkg_repository=$PKG_REPOSITORY" \
         "${{ inputs.VERBOSITY }}"
 
     - name: Execute indexer cluster start playbook
@@ -252,6 +251,7 @@ jobs:
         -i $ALLOCATOR_PATH/inventory \
         -l indexers \
         -e "tmp_path=$TMP_PATH" \
+        -e "pkg_repository=$PKG_REPOSITORY" \
         "${{ inputs.VERBOSITY }}"
 
     - name: Execute server installation playbook
@@ -260,6 +260,7 @@ jobs:
         -i $ALLOCATOR_PATH/inventory \
         -l managers \
         -e "tmp_path=$TMP_PATH" \
+        -e "pkg_repository=$PKG_REPOSITORY" \
         "${{ inputs.VERBOSITY }}"
 
     - name: Execute dashboard installation playbook
@@ -268,6 +269,7 @@ jobs:
         -i $ALLOCATOR_PATH/inventory \
         -l dashboards \
         -e "tmp_path=$TMP_PATH" \
+        -e "pkg_repository=$PKG_REPOSITORY" \
         "${{ inputs.VERBOSITY }}"
 
     - name: Execute Python test playbook

.github/workflows/ansible-playbooks/aio.yml

@@ -4,11 +4,12 @@
 
     vars:
       script_path: "{{ tmp_path }}"
+      pkg_repository: "{{ pkg_repository }}"
       script_name: "wazuh-install.sh"
 
     tasks:
       - name: Test assistant AIO install
-        command: "bash {{ script_name }} -a -v"
+        command: "bash {{ script_name }} -a -v -d {{ pkg_repository }}"
         args:
           chdir: "{{ script_path }}"
         register: install_results

.github/workflows/ansible-playbooks/distributed_generate_certificates.yml

@@ -4,7 +4,6 @@
 
   vars:
     resources_path: "{{ resources_path }}"
-    pkg_repository: "{{ pkg_repository }}"
 
   tasks:
     - name: Create certificates
@@ -17,7 +16,7 @@
             force: yes
 
         - name: Creating wazuh-install.sh script
-          shell: "bash {{ resources_path }}/builder.sh -i -d {{ pkg_repository }}"
+          shell: "bash {{ resources_path }}/builder.sh -i"
 
         - name: Creating Certificates
           shell: "bash {{ resources_path }}/wazuh-install.sh -g -v"

.github/workflows/ansible-playbooks/distributed_install_dashboard.yml

@@ -5,10 +5,11 @@
 
   vars:
     tmp_path: "{{ tmp_path }}"
+    pkg_repository: "{{ pkg_repository }}"
 
   tasks:
     - name: Install Wazuh dashboard
-      command: "bash wazuh-install.sh -wd {{ inventory_hostname }} -v"
+      command: "bash wazuh-install.sh -wd {{ inventory_hostname }} -v -d {{ pkg_repository }}"
       args:
         chdir: "{{ tmp_path }}"
       register: dashboard

.github/workflows/ansible-playbooks/distributed_install_indexer.yml

@@ -5,9 +5,10 @@
 
     vars:
       tmp_path: "{{ tmp_path }}"
+      pkg_repository: "{{ pkg_repository }}"
 
     tasks:
       - name: Install Wazuh indexer
-        command: "bash {{ tmp_path }}/wazuh-install.sh -wi {{ inventory_hostname }} -v"
+        command: "bash {{ tmp_path }}/wazuh-install.sh -wi {{ inventory_hostname }} -v -d {{ pkg_repository }}"
         register: indexer
 

.github/workflows/ansible-playbooks/distributed_install_wazuh.yml

@@ -6,11 +6,12 @@
   vars:
     tmp_path: "{{ tmp_path }}"
     master_ip: "{{ hostvars[groups['managers'] | select('match', 'master') | first]['private_ip'] }}"
+    pkg_repository: "{{ pkg_repository }}"
     check_port: 55000
 
   tasks:
     - name: Install Wazuh server on master
-      command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v"
+      command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v -d {{ pkg_repository }}"
       register: wazuh
       when: hostvars[inventory_hostname].manager_type == 'master'
 
@@ -27,7 +28,7 @@
           poll: 5
 
         - name: Install Wazuh server (Workers)
-          command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v"
+          command: "bash {{ tmp_path }}/wazuh-install.sh -ws {{ inventory_hostname }} -v -d {{ pkg_repository }}"
           register: wazuh
       when: hostvars[inventory_hostname].manager_type == 'worker'
 

.github/workflows/ansible-playbooks/distributed_start_indexer_cluster.yml

@@ -5,12 +5,13 @@
 
   vars:
     tmp_path: "{{ tmp_path }}"
+    pkg_repository: "{{ pkg_repository }}"
 
   tasks:
     - name: Start Wazuh indexer cluster in just one node
       block:
         - name: Start Wazuh indexer cluster
-          command: "bash {{ tmp_path }}/wazuh-install.sh -s -v"
+          command: "bash {{ tmp_path }}/wazuh-install.sh -s -v -d {{ pkg_repository }}"
           register: cluster
       when: inventory_hostname == ansible_play_hosts[0]
 

.github/workflows/ansible-playbooks/provision.yml

@@ -170,9 +170,5 @@
         force: true
 
     - name: Generate Installation assistant
-      command: "bash {{ tmp_path }}/builder.sh -i -d"
+      command: "bash {{ tmp_path }}/builder.sh -i"
 
-    - name: Change pre-release repository to selected one
-      command: "sed -i 's|pre-release|{{ pkg_repository }}|g' {{ script_name }}"
-      args:
-        chdir: "{{ script_path }}"

.github/workflows/offline-installation.yml

@@ -20,7 +20,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Build wazuh-install script and use staging packages
-        run: bash builder.sh -i -d staging
+        run: bash builder.sh -i
 
       - uses: actions/upload-artifact@v3
         with:

builder.sh

@@ -34,9 +34,6 @@ function getHelp() {
     echo -e "        -c,  --cert-tool"
     echo -e "                Builds the certificate creation tool wazuh-cert-tool.sh"
     echo -e ""
-    echo -e "        -d [pre-release|staging],  --development"
-    echo -e "                Use development repositories. By default it uses the pre-release package repository. If staging is specified, it will use that repository."
-    echo -e ""
     echo -e "        -p,  --password-tool"
     echo -e "                Builds the password creation and modification tool wazuh-password-tool.sh"
     echo -e ""
@@ -65,29 +62,6 @@ function buildInstaller() {
 # Foundation." >> "${output_script_path}"
     echo >> "${output_script_path}"
 
-    ## Installation variables
-    if [ -n "${development}" ]; then
-        echo 'readonly development=1' >> "${output_script_path}"
-        echo 'readonly repogpg="https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH"' >> "${output_script_path}"
-        echo 'readonly repobaseurl="https://packages-dev.wazuh.com/'${devrepo}'"' >> "${output_script_path}"
-        echo 'readonly reporelease="unstable"' >> "${output_script_path}"
-        echo 'readonly filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz"' >> "${output_script_path}"
-        echo 'readonly bucket="packages-dev.wazuh.com"' >> "${output_script_path}"
-        echo 'readonly repository="'"${devrepo}"'"' >> "${output_script_path}"
-        if [[ ! $(grep -E "source_branch=" "${resources_installer}/installVariables.sh" | sed -E 's/.*source_branch="([^"]+)"/\1/') =~ "-" ]]; then
-            sed -i 's|v${wazuh_version}|${wazuh_version}|g' "${resources_installer}/installVariables.sh"
-            pre_release_tag=1
-        fi
-    else
-        echo 'readonly repogpg="https://packages.wazuh.com/key/GPG-KEY-WAZUH"' >> "${output_script_path}"
-        echo 'readonly repobaseurl="https://packages.wazuh.com/4.x"' >> "${output_script_path}"
-        echo 'readonly reporelease="stable"' >> "${output_script_path}"
-        echo 'readonly filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz"' >> "${output_script_path}"
-        echo 'readonly bucket="packages.wazuh.com"' >> "${output_script_path}"
-        echo 'readonly repository="4.x"' >> "${output_script_path}"
-    fi
-    echo >> "${output_script_path}"
-    checkFilebeatURL
     grep -Ev '^#|^\s*$' ${resources_common}/commonVariables.sh >> "${output_script_path}"
     grep -Ev '^#|^\s*$' ${resources_installer}/installVariables.sh >> "${output_script_path}"
     echo >> "${output_script_path}"
@@ -235,19 +209,6 @@ function builder_main() {
                 certTool=1
                 shift 1
                 ;;
-            "-d"|"--development")
-                development=1
-                if [ -n "${2}" ] && [ "${2}" = "staging" ]; then
-                    devrepo="staging"
-                    shift 2
-                elif [ -n "${2}" ] && [ "${2}" = "pre-release" ]; then
-                    devrepo="pre-release"
-                    shift 2
-                else
-                    devrepo="pre-release"
-                    shift 1
-                fi
-                ;;
             "-p"|"--password-tool")
                 passwordsTool=1
                 shift 1
@@ -264,12 +225,6 @@ function builder_main() {
     if [ -n "${installer}" ]; then
         buildInstaller
         chmod 500 ${output_script_path}
-        if [ -n "${change_filebeat_url}" ]; then
-            sed -i -E "s|(https.+)master(.+wazuh-template.json)|\1\\$\\{source_branch\\}\2|"  "${resources_installer}/installVariables.sh"
-        fi
-        if [[ -n "${development}" && -n "${pre_release_tag}" ]]; then
-            sed -i 's|${wazuh_version}|v${wazuh_version}|g' "${resources_installer}/installVariables.sh"
-        fi
     fi
 
     if [ -n "${passwordsTool}" ]; then
@@ -305,30 +260,4 @@ function checkDistDetectURL() {
 
 }
 
-function checkFilebeatURL() {
-
-    # Import variables
-    eval "$(grep -E "wazuh_version=" "${resources_installer}/installVariables.sh")"
-    eval "$(grep -E "source_branch=" "${resources_installer}/installVariables.sh" | sed 's/source_branch=/install_variables_source_branch=/')"
-    eval "$(grep -E "filebeat_wazuh_template=" "${resources_installer}/installVariables.sh" | sed "s/\${source_branch}/$install_variables_source_branch/")"
-
-    new_filebeat_url="https://raw.githubusercontent.com/wazuh/wazuh/master/extensions/elasticsearch/7.x/wazuh-template.json"
-
-    # Get the response of the URL and check it
-    response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $filebeat_wazuh_template)
-    if [ "${response}" != "200" ]; then
-       	response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $new_filebeat_url)
-
-        # Display error if both URLs do not get the resource
-        if [ "${response}" != "200" ]; then
-            echo -e "Error: Could not get the Filebeat Wazuh template. "
-        # If matches, replace the variable of installVariables to the new one
-        else
-            echo -e "Changing Filebeat URL..."
-            sed -i -E "s|filebeat_wazuh_template=.*|filebeat_wazuh_template=\"${new_filebeat_url}\"|g" "${resources_installer}/installVariables.sh"
-            change_filebeat_url=1
-        fi
-    fi
-}
-
 builder_main "$@"

install_functions/checks.sh

@@ -19,6 +19,15 @@ function checks_arch() {
 
 function checks_arguments() {
 
+    # -------------- Repository selection ---------------------
+
+    if [ -n "${development}" ]; then
+        if [ -z "${AIO}" ] && [ -z "${dashboard}" ] && [ -z "${indexer}" ] && [ -z "${wazuh}" ] && [ -z "${start_indexer_cluster}" ] && [ -z "${download}" ]; then
+            common_logger -e "The -d|--development option must be used with -a, -ws, -s, -wi, -wd or -dw."
+            exit 1
+        fi
+    fi
+
     # -------------- Port option validation ---------------------
 
     if [ -n "${port_specified}" ]; then
@@ -444,6 +453,30 @@ function checks_available_port() {
     fi
 }
 
+function checks_filebeatURL() {
+    # URL uses branch when the source_branch is not a stage branch
+    if [[ ! "${source_branch}" =~ "-" ]]; then
+        source_branch="${source_branch#v}"
+        filebeat_wazuh_template="https://raw.githubusercontent.com/wazuh/wazuh/${source_branch}/extensions/elasticsearch/7.x/wazuh-template.json"
+    fi
+
+    # URL using master branch
+    new_filebeat_url="${filebeat_wazuh_template/${source_branch}/master}"
+
+    response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $filebeat_wazuh_template)
+    if [ "${response}" != "200" ]; then
+        response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $new_filebeat_url)
+
+        # Display error if both URLs do not get the resource
+        if [ "${response}" != "200" ]; then
+            common_logger -e "Error: Could not get the Filebeat Wazuh template."
+        else
+            common_logger "Using Filebeat template from master branch."
+            filebeat_wazuh_template="${new_filebeat_url}"
+        fi
+    fi
+}
+
 function checks_firewall(){
     ports_list=("$@")
     f_ports=""

install_functions/installMain.sh

@@ -22,6 +22,9 @@ function getHelp() {
     echo -e "        -c,  --config-file <path-to-config-yml>"
     echo -e "                Path to the configuration file used to generate wazuh-install-files.tar file containing the files that will be needed for installation. By default, the Wazuh installation assistant will search for a file named config.yml in the same path as the script."
     echo -e ""
+    echo -e "        -d [pre-release|staging],  --development"
+    echo -e "                Use development repositories. By default it uses the pre-release package repository. If staging is specified, it will use that repository."
+    echo -e ""
     echo -e "        -dw,  --download-wazuh <deb|rpm>"
     echo -e "                Download all the packages necessary for offline installation. Type of packages to download for offline installation (rpm, deb)"
     echo -e ""
@@ -98,6 +101,29 @@ function main() {
                 config_file="${2}"
                 shift 2
                 ;;
+            "-d"|"--development")
+                development=1
+                if [ -n "${2}" ] && [[ ! "${2}" =~ ^- ]]; then
+                    if [ "${2}" = "pre-release" ] || [ "${2}" = "staging" ]; then
+                        devrepo="${2}"
+                    else
+                        common_logger -e "Error: Invalid value '${2}' after -d|--development. Accepted values are 'pre-release' or 'staging'."
+                        getHelp
+                        exit 1
+                    fi
+                    shift 2
+                else
+                    devrepo="pre-release"
+                    shift 1
+                fi
+                repogpg="https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH"
+                repobaseurl="https://packages-dev.wazuh.com/${devrepo}"
+                reporelease="unstable"
+                filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.4.tar.gz"
+                bucket="packages-dev.wazuh.com"
+                repository="${devrepo}"
+                ;;
+
             "-fd"|"--force-install-dashboard")
                 force=1
                 shift 1
@@ -236,6 +262,9 @@ function main() {
 
     common_checkInstalled
     checks_arguments
+    if [ -n "${development}" ]; then
+        checks_filebeatURL
+    fi
     if [ -n "${uninstall}" ]; then
         installCommon_rollBack
         exit 0
@@ -290,6 +319,7 @@ function main() {
     if [ -n "${offline_install}" ]; then
         offline_checkPreinstallation
         offline_extractFiles
+        offline_importGPGKey
     fi
 
     if [ -n "${AIO}" ] || [ -n "${indexer}" ] || [ -n "${dashboard}" ] || [ -n "${wazuh}" ]; then