Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add necessary functions to allow upgrade using installation assistant #1771

Open
wants to merge 361 commits into
base: 4.4
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
361 commits
Select commit Hold shift + click to select a range
f805e5f
Merge pull request #1951 from wazuh/1857-check-ports-change-grep-master
alberpilot Jan 9, 2023
c8b7d78
Merge branch 'master' into 1959-loop-when-generating-certs-45
verdx Jan 9, 2023
51cf6b4
Merge pull request #1992 from wazuh/1959-loop-when-generating-certs-45
alberpilot Jan 10, 2023
7ab38f6
Change the relative path used in checkFilebeat for a defined path var…
verdx Jan 10, 2023
5a257c9
Merge pull request #2026 from wazuh/2025-builder-error-relative-path
alberpilot Jan 10, 2023
998b019
Testing stoping wazuh manager in provision.sh
c-bordon Jan 4, 2023
efea678
Merge pull request #2028 from wazuh/1971-error-defining-attributes-in…
alberpilot Jan 11, 2023
4a7a518
Merge pull request #2022 from wazuh/4486-remove-parameter-depothelper…
alberpilot Jan 12, 2023
63433b6
Add trust verification if the package is to be signed.
Dwordcito Nov 16, 2022
0b486ef
Updating TRUST_VERIFICATION variable
pereyra-m Nov 30, 2022
cd1b624
Add flag to define a custom CA_NAME.
Dwordcito Dec 29, 2022
54d1f8b
Merge pull request #2038 from wazuh/15327-add-protection-for-untruste…
alberpilot Jan 13, 2023
af94907
Preserved security config files upon upgrade in the wazuh-indexer pac…
davidcr01 Jan 18, 2023
dd6ee39
Add Alma Linux, Rocky Linux and Oracle Linux to the init.d fix done f…
verdx Jan 19, 2023
1312148
Remove Oracle Linux as it does not replicate the error
verdx Jan 19, 2023
226f331
Fix Red Hat Enterprise Linux repeated and Alma Linux missing
verdx Jan 20, 2023
756ae34
Add Github Actions test for systemctl in RHEL 9 and derivatives
verdx Jan 20, 2023
1bd2583
Change names and Pull request paths
verdx Jan 20, 2023
de8edfc
Change images and fix script for github actions
verdx Jan 20, 2023
742b4a1
Small fix
verdx Jan 20, 2023
9ef7f71
Fix paths in workflows for github actions
verdx Jan 20, 2023
d947c57
Fix call to generate_rpm_package in github actions
verdx Jan 20, 2023
bfbfb0b
Disable shard allocation before upgrading wazuh-indexer
DFolchA Jan 20, 2023
50d2e24
Merge 4.4 into master (#2055)
DFolchA Jan 20, 2023
8d49c5a
Fix test path in shared file with docker
verdx Jan 20, 2023
f485443
The Wazuh dashboard build_number is updated with the Wazuh app parame…
c-bordon Jan 23, 2023
070166e
Updated loading page message (#2058)
c-bordon Jan 23, 2023
83ee9ab
Merge branch 'master' into 1626-fix-rhel9-derived-services
verdx Jan 23, 2023
3fd0c7d
Update master with 4.4 changes (#2040)
verdx Jan 23, 2023
163d3b6
Fixes to github actions tests
verdx Jan 23, 2023
f68ffc1
Make the user introduce the admin password to upgrade indexer
DFolchA Jan 23, 2023
ef4db24
Add workflow to create rpm packages for all architectures
verdx Jan 24, 2023
752f5cc
Change working directory position on package creation workflow
verdx Jan 24, 2023
3861d8a
Unify install and enable tests
verdx Jan 24, 2023
c85eb2c
Remove working directory in package creation workflow
verdx Jan 24, 2023
26c962d
Fixes in install and enable test workflow
verdx Jan 24, 2023
1263c73
Remove `:` from docker images in install and enable test
verdx Jan 24, 2023
59c5a9c
Disable automatic cancel when one fails
verdx Jan 24, 2023
ca0619f
Install docker on rare architectures
verdx Jan 24, 2023
cec21cb
Fix variable
verdx Jan 24, 2023
a316ac2
The package is now downloaded as an artifact from the package creatio…
verdx Jan 24, 2023
0ad5cb2
The uploading of the package creation images is automatised in a GitH…
verdx Jan 24, 2023
4adee72
Fixes in upload images workflow
verdx Jan 25, 2023
34e79d2
Change file name for build packages workflow
verdx Jan 25, 2023
c42c420
More syntax fixes in upload images workflow
verdx Jan 25, 2023
fa93d78
Run upload images worflow when changed
verdx Jan 25, 2023
40c5e74
More syntax fixes for upload images workflow
verdx Jan 25, 2023
fc00106
Change path for dockerfile in upload image workflow
verdx Jan 25, 2023
6a2552b
Remove unnecessary slash in path for Dockerfile
verdx Jan 25, 2023
7d4e056
Add cancel of last runs for test install
verdx Jan 25, 2023
c046b70
Fix calls to env variable GITHUB_WORKSPACE
verdx Jan 25, 2023
5444938
Remove env variable from dockerfile path for upload package creation
verdx Jan 25, 2023
9d98190
Add build context to upload image workflow
verdx Jan 25, 2023
fe289e0
Change variable for the package name in the building of the package
verdx Jan 25, 2023
157cf2e
Change container name to include branch
verdx Jan 25, 2023
504586f
Change github branch name reference
verdx Jan 25, 2023
8603bde
Change the building and upload of images to be done with a script
verdx Jan 25, 2023
6eae325
Install docker on rare architecture containers to build image for pac…
verdx Jan 25, 2023
ad260a8
Copy build.sh to correct place before building images
verdx Jan 25, 2023
c459080
Separate commands
verdx Jan 25, 2023
f017bc8
Separate docker setup scripts for ubuntu and alpine
verdx Jan 25, 2023
8e4fdb2
Pass user as argument to the build and push image scritp
verdx Jan 25, 2023
dbf68f0
Remove unneccessary commands in alpine setup
verdx Jan 25, 2023
cccd73c
Allow for more than one command on the upload image workflow
verdx Jan 25, 2023
e77e3f7
Change OS on which the images are generated
verdx Jan 25, 2023
efd6472
Change Os in which the images are built
verdx Jan 25, 2023
776fadd
Add RBAC CLI to RPM SPEC (#1659)
vicferpoy Jan 26, 2023
1c874c4
Change FIM database management using DBSync and RSync (#1275)
FrancoRivero Jan 26, 2023
85d7293
Revert "Change FIM database management using DBSync and RSync (#1275)…
chemamartinez Jan 26, 2023
72c1770
Merge branch 'master' into 1626-fix-rhel9-derived-services
verdx Jan 26, 2023
e6c763e
Correct name for images
verdx Jan 26, 2023
e79cd12
Add image name variable definition where needed
verdx Jan 26, 2023
f8d759d
Fix adding image_name to environment
verdx Jan 26, 2023
f10965d
Version is now in tag instead of name
verdx Jan 26, 2023
37be5b7
Add efficiency options to save images and
verdx Jan 26, 2023
c5cedae
Add environment variables to run-on-arch and setup docker on install …
verdx Jan 26, 2023
edb2d09
Remove GITHUB_WORKSPACE variable from explicitly declared variables f…
verdx Jan 26, 2023
a48f4ba
Echo the tag used to push the image to ghcr
verdx Jan 26, 2023
ede0cef
When the action is called from a PR, the image uploaded has the tag f…
verdx Jan 26, 2023
4132931
Download the docker images to create the packages
verdx Jan 26, 2023
b42cec3
Change OS for armv7 creation
verdx Jan 26, 2023
7ae6ded
Fix container name to pull from ghcr
verdx Jan 26, 2023
798beda
Unify build packages jobs
verdx Jan 26, 2023
e8962de
Unify upload images jobs
verdx Jan 26, 2023
47353e9
Fix variable names for the package building workflow
verdx Jan 26, 2023
2463c24
Fix variable name for container name in x86_64 and i386
verdx Jan 26, 2023
5b1fbee
Remove support for ppc64 aarch64 and armv7
verdx Jan 27, 2023
23a9b81
Fix syntax error in buil_rpm_packages.yml
verdx Jan 27, 2023
286d874
Remove unnecessary code
verdx Jan 27, 2023
040cb16
Force a run of the image upload workflow to create 4.5 images
verdx Jan 27, 2023
9f2ae9c
Fix tags
verdx Jan 27, 2023
018d1fc
Add deb GitHub Actions
verdx Jan 27, 2023
b80eb21
Merge branch 'master' into 1626-fix-rhel9-derived-services
verdx Jan 27, 2023
fbffbd2
Add `--force-yes` to apt-utils install in deb image build
verdx Jan 27, 2023
b68b669
Add `--force-yes` to the Dockerfile for deb package creation to be ab…
verdx Jan 27, 2023
a833e1f
Call package builder from image uploader if run from a pr
verdx Jan 27, 2023
5e5ed8f
Change call to package creations from step to job
verdx Jan 27, 2023
8b645f2
Dont build docker image when creating packages
verdx Jan 27, 2023
724c70e
Fix paths in trigger of worflows and call to TAG
verdx Jan 27, 2023
1138bff
Add clean workflow runs
verdx Jan 27, 2023
fbc3b19
Syntax errors
verdx Jan 27, 2023
a7b0e41
Add needs to sub-job in upload images and debug
verdx Jan 27, 2023
9c99ad5
Add argument --tag to generate_<system>_packages and call it on the a…
verdx Jan 27, 2023
903bb9a
Fix syntax
verdx Jan 27, 2023
c400874
Change made to force the different runtype of the workflow
verdx Jan 27, 2023
80451d0
Remove debug and fix call to pull image script
verdx Jan 27, 2023
e720ff7
Add other ways of triggering the cleaning
verdx Jan 27, 2023
26f4cb6
Debug
verdx Jan 27, 2023
4e768aa
Remove repo name from image name after pulling it
verdx Jan 27, 2023
fff3dd8
Upload the created package as an artifact
verdx Jan 27, 2023
7b707ce
Fix workflow names
verdx Jan 27, 2023
026d653
Remove the test for manager i386, as it is not supported
verdx Jan 30, 2023
16228ac
Add install and enable tests after the creation of packages
verdx Jan 30, 2023
5a9a743
Fix syntax error
verdx Jan 30, 2023
fb8b0eb
Change uses syntax from path to owner/repo/path
verdx Jan 30, 2023
2ad23d6
Add commit reference to uses
verdx Jan 30, 2023
8984233
Change variable used to add reference to commit
verdx Jan 30, 2023
0663e3d
Try direct path for reusable worflows
verdx Jan 30, 2023
d52d955
Change path type to reuse workflow
verdx Jan 30, 2023
35f1a02
Add call to test the packages after creating them
verdx Jan 30, 2023
ba1d831
Check if test install and enable works on its own
verdx Jan 30, 2023
68e3eee
Fixes
verdx Jan 30, 2023
023be39
Change call to VERSION variable inside step
verdx Jan 30, 2023
7abf95b
Fix variable VERSION setting
verdx Jan 30, 2023
dc2b1c7
Fix variable VERSION setting
verdx Jan 30, 2023
7da7999
Change single for double quotes when setting the package name
verdx Jan 30, 2023
aa2ebc3
Change path for the moving of the package and add argument to artifac…
verdx Jan 30, 2023
d1e6c05
Remove unneccessary working directory from step
verdx Jan 30, 2023
9462936
Cancel duplicate workflows and fix test install
verdx Jan 30, 2023
ec3f3d5
Call the install test after creating the packages
verdx Jan 30, 2023
253b2fe
Add tests install and enable for debian
verdx Jan 30, 2023
93afcdd
Change quotes in docker images name for testing
verdx Jan 30, 2023
43d7de2
Remove the skip duplicates action in the package building and change …
verdx Jan 30, 2023
42c6fef
Fix architecture errors for the install and enable tests
verdx Jan 30, 2023
32e2f1e
Fixes for the install and enable test for both rpm and deb
verdx Jan 30, 2023
080e1d9
Architecture fixes in install and enable test
verdx Jan 30, 2023
96a16e1
Change amazon linux from deb to rpm
verdx Jan 30, 2023
4a92498
Fixes
verdx Jan 30, 2023
887f670
Fixes
verdx Jan 30, 2023
50b5e27
Update apt repos before installing the package
verdx Jan 30, 2023
82c4953
Install systemd on DEB systems
verdx Jan 30, 2023
23ad407
DEB docker add architecture
verdx Jan 30, 2023
7ce0a3c
Remove distro combination ubuntu:jammy with i386 architecture
verdx Jan 30, 2023
527f94f
Change revision of packages for the name of the branch
verdx Jan 31, 2023
d35caa5
Change package revision name and add step to retry artifact uri
verdx Jan 31, 2023
642237f
Remove unnecessary input:
verdx Jan 31, 2023
18b4671
Remove hyphen for revision in rpm and debug
verdx Jan 31, 2023
051171d
Change the workflow conclusion neccessary to download the artifact to…
verdx Jan 31, 2023
0a42059
Change way to retry down,load of artifact
verdx Jan 31, 2023
f70e559
Increase timeout to download artifact
verdx Jan 31, 2023
9eb370b
Search for artifact with commit sha instead of workflow name
verdx Jan 31, 2023
58f5b3f
Search for artifacts with branch instead of commit
verdx Jan 31, 2023
03c9f25
Check artifact with workflow name
verdx Jan 31, 2023
e711c1b
Remove space in Clean runs workflow
verdx Jan 31, 2023
55978fa
Call to clean workflow runs
verdx Jan 31, 2023
a59e828
Remove pull_requests call to Clean runs workflow
verdx Jan 31, 2023
5773cfb
Check if artifact is available in the building package workflow
verdx Jan 31, 2023
6deda0c
Change action to download artifact
verdx Jan 31, 2023
02ca409
Go back to previous artifact download action
verdx Jan 31, 2023
c713ab2
Test downloading artifact from the building package workflow
verdx Jan 31, 2023
be6c7e4
Debug
verdx Jan 31, 2023
c19d381
Add waiting time after uploading artifact
verdx Jan 31, 2023
f64deed
Fix error
verdx Jan 31, 2023
0cac89f
Debugging
verdx Jan 31, 2023
c30f7f8
Yaml syntax fixes
verdx Jan 31, 2023
d03c3b5
Wait for the artifact to be uploaded if download fails
verdx Jan 31, 2023
07a3aed
Add continue_on_error to the install and enable test
verdx Jan 31, 2023
4abcd8b
Add continue-on-error to download of artifact
verdx Jan 31, 2023
b9538f1
Remove unnecessary always()
verdx Jan 31, 2023
7b1c9b6
Change day cleaning of workflow runs is done
verdx Jan 31, 2023
791cd81
Syntax fixes for the ghcr pushing and pulling scripts
verdx Feb 1, 2023
dbc7197
Add 4.5 to branches for which to create docker images on push
verdx Feb 1, 2023
36ffb4d
Fix cron attribute for Cleaning worfklow runs
verdx Feb 1, 2023
5045a01
Fix schedule cron for Clean runs
verdx Feb 1, 2023
ecbe45f
Difference between master and major versions when building packages
verdx Feb 1, 2023
37d496b
Cancel runs of the workflow for previous commits
verdx Feb 1, 2023
6cd6107
Set cancel to true when checking for previous runs
verdx Feb 1, 2023
e6ca436
Cancel previous runs for Build packages workflow
verdx Feb 1, 2023
13ba7e9
Step up waiting time for artifact download retry to 90 seconds
verdx Feb 1, 2023
733537b
Add workflow name and conclusion to retry of the artifact download
verdx Feb 1, 2023
bac6a0e
Fix to cancel previous runs step
verdx Feb 1, 2023
c5266ce
Remove retry of artifact download
verdx Feb 1, 2023
7f2d78d
Merge branch '4.4' of https://github.com/wazuh/wazuh-packages into 4.5
DFolchA Feb 1, 2023
32e6a60
Try again the artifact download retry with 240 seconds
verdx Feb 1, 2023
a4f477e
Debug if the workspace is the same when reusing workflows
verdx Feb 1, 2023
ac63a74
Test calling builder from another workflow
verdx Feb 1, 2023
9fec45a
Remove check
verdx Feb 1, 2023
abcee78
Test as a different workflow and wait for the package to be created
verdx Feb 1, 2023
ed43bdc
Change interval and timeout to wait for package
verdx Feb 1, 2023
625c626
Add cancel last run to the tests
verdx Feb 1, 2023
e041a02
Add job to cancel and wait for the package to be built
verdx Feb 1, 2023
01389de
Test wait for one hour of package creation
verdx Feb 2, 2023
dc13d75
Try different action to wait
verdx Feb 2, 2023
00ad440
Fix version for new waiting action
verdx Feb 2, 2023
8c9d4ef
Fix download artifact from success workflow
verdx Feb 2, 2023
2bd2bc0
Change waiting action for deb too
verdx Feb 2, 2023
08bd107
Added CentOS 9 Stream and Fedora 34 to the orifinal fix
verdx Feb 2, 2023
f52d16b
Add install and enable test for fedora 34
verdx Feb 2, 2023
9223223
Only install /etc/init.d/rc.d/* if systemd-sysv-install is not present
verdx Feb 3, 2023
24734fb
Fix typo
verdx Feb 3, 2023
ccd4486
Change condition to remove /etc/init.d/wazuh-indexer
verdx Feb 3, 2023
3e69fa3
Change debug call so it only runs if the command is not run with --help
verdx Feb 3, 2023
680e61f
Correct the condition for init.d deprecation
verdx Feb 3, 2023
066a21d
Change the condition to a macro
verdx Feb 3, 2023
c61261c
Remove trailing whitespace
verdx Feb 3, 2023
ad78e4b
Only create the correspondent docker image
verdx Feb 3, 2023
2ae6fd4
Add the changes to build_packages and fix in upload images
verdx Feb 3, 2023
5679018
Add changes to test install
verdx Feb 3, 2023
908ef35
Missing parenthesis
verdx Feb 3, 2023
39ea44e
Change how the conditionals are called in the test install files
verdx Feb 3, 2023
b51b449
Missing parenthesis
verdx Feb 3, 2023
865d0a5
Changed condition for wazuh indexer
verdx Feb 3, 2023
378f5ec
fix: Improve find command with xargs
GabrielEValenzuela Jan 11, 2023
3c96231
Add checks previous to upgrade
DFolchA Jan 31, 2023
51900f2
Merge pull request #1861 from wazuh/14175_timeout_yum_update
chemamartinez Feb 6, 2023
0a651da
Improval of the `curl` tool in the Installation Assistant (#2063)
davidcr01 Feb 6, 2023
c1fcff4
Merge remote-tracking branch 'origin/4.5' into 1626-fix-rhel9-derived…
verdx Feb 6, 2023
ccb2072
Merge pull request #2053 from wazuh/1626-fix-rhel9-derived-services
DFolchA Feb 6, 2023
25d7dd5
Merge remote-tracking branch 'origin/4.5' into 1918-avoid-initd-if-un…
verdx Feb 7, 2023
52c1055
Revert changes in build.sh
verdx Feb 7, 2023
0f7526f
Add opensuse to the testing
verdx Feb 7, 2023
9f30cfd
Remove installation of init.d service on manager and indexer and bett…
verdx Feb 7, 2023
d7dc64e
Fix new tests
verdx Feb 7, 2023
97f03e1
Remove Suse fix for the manager
verdx Feb 7, 2023
7997c6e
Correct the way to check type of init manager used
verdx Feb 7, 2023
2a36d66
Fix test, ps -p 1 gi ves bash
verdx Feb 7, 2023
cc817bd
Add centos 5 and 6 to the tests and try to pass on systemd to the tes…
verdx Feb 7, 2023
d3c4230
Change back manager to accept initd with the same solution as the agent
verdx Feb 8, 2023
74a1dc6
Remove enable test as new solution doesn't cover docker
verdx Feb 8, 2023
e6795ac
Improval of the curl tool in the Offline Installation (#2071)
davidcr01 Feb 8, 2023
41a3548
Fix zypper and wazuh-manger.spec
verdx Feb 8, 2023
6e92906
Remove zypper machines from the tests
verdx Feb 8, 2023
63babe9
Remove repositories if test run on centos 5 or 6
verdx Feb 8, 2023
f46fc48
Fix repos for centos 6 instead of removing them
verdx Feb 8, 2023
2ac19c6
Change file name to the install tests of github actions
verdx Feb 8, 2023
5ad2894
Change name of installation test github action
verdx Feb 9, 2023
39deaaf
Add the same changes to debian
verdx Feb 9, 2023
2b1523a
Change deb github actions to detect changes inside debs/SPECS
verdx Feb 9, 2023
b225ede
Change Upload docker images GitHub Actions so they are called when a …
verdx Feb 9, 2023
cb59438
Force run of the GitHub Action
verdx Feb 9, 2023
2bcaf51
Only build packages for necessary architectures
verdx Feb 9, 2023
2e15287
Create and upload images when PR is merged
verdx Feb 9, 2023
ed102bf
Force a run of the Upload Images GitHub Action
verdx Feb 9, 2023
dca0596
Modify necessary files to force the run of the action
verdx Feb 9, 2023
8785298
Remove changes in debs
verdx Feb 9, 2023
4f626c6
Merge pull request #2085 from wazuh/fix-upload-docker-images
DFolchA Feb 13, 2023
4ea387d
Merge remote-tracking branch 'origin/4.5' into 1918-avoid-initd-if-un…
verdx Feb 13, 2023
8527968
Merge pull request #2070 from wazuh/1918-avoid-initd-if-unnecessary
DFolchA Feb 13, 2023
119b4a7
Merge branch '4.5' of https://github.com/wazuh/wazuh-packages into 86…
DFolchA Feb 14, 2023
da6d7ff
Use common curl function for upgrade
DFolchA Feb 14, 2023
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions .github/actions/ghcr-pull-and-push/build_and_push_image_to_ghcr.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
GITHUB_PUSH_SECRET=$1
GITHUB_USER=$2
DOCKER_IMAGE_NAME=$3
BUILD_CONTEXT=$4
DOCKERFILE_PATH="$BUILD_CONTEXT/Dockerfile"
if [ -n "$5" ]; then
DOCKER_IMAGE_TAG=$5
else
DOCKER_IMAGE_TAG="latest"
fi
GITHUB_REPOSITORY="wazuh/wazuh-packages"
GITHUB_OWNER="wazuh"
IMAGE_ID=ghcr.io/${GITHUB_OWNER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}
IMAGE_ID=$(echo ${IMAGE_ID} | tr '[A-Z]' '[a-z]')

# Login to GHCR
echo ${GITHUB_PUSH_SECRET} | docker login https://ghcr.io -u $GITHUB_USER --password-stdin

# Build image
echo build -t ${IMAGE_ID} -f ${DOCKERFILE_PATH} ${BUILD_CONTEXT}
docker build -t ${IMAGE_ID} -f ${DOCKERFILE_PATH} ${BUILD_CONTEXT}
docker push ${IMAGE_ID}
19 changes: 19 additions & 0 deletions .github/actions/ghcr-pull-and-push/pull_image_from_ghcr.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
GITHUB_PUSH_SECRET=$1
GITHUB_USER=$2
DOCKER_IMAGE_NAME=$3
if [ -n "$4" ]; then
DOCKER_IMAGE_TAG="$4"
else
DOCKER_IMAGE_TAG="latest"
fi
GITHUB_REPOSITORY="wazuh/wazuh-packages"
GITHUB_OWNER="wazuh"
IMAGE_ID=ghcr.io/${GITHUB_OWNER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}
IMAGE_ID=$(echo ${IMAGE_ID} | tr '[A-Z]' '[a-z]')

# Login to GHCR
echo ${GITHUB_PUSH_SECRET} | docker login https://ghcr.io -u $GITHUB_USER --password-stdin

# Pull and rename image
docker pull ${IMAGE_ID}
docker image tag ghcr.io/${GITHUB_OWNER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}
311 changes: 311 additions & 0 deletions .github/actions/offline-installation/common.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,311 @@
#!/bin/bash

function check_package() {

if [ "${sys_type}" == "deb" ]; then
if ! apt list --installed 2>/dev/null | grep -q "${1}"; then
echo "INFO: The package "${1}" is not installed."
return 1
fi
elif [ "${sys_type}" == "rpm" ]; then
if ! yum list installed 2>/dev/null | grep -q "${1}"; then
echo "INFO: The package "${1}" is not installed."
return 1
fi
fi
return 0

}

function check_system() {

if [ -n "$(command -v yum)" ]; then
sys_type="rpm"
echo "INFO: RPM system detected."
elif [ -n "$(command -v apt-get)" ]; then
sys_type="deb"
echo "INFO: DEB system detected."
else
echo "ERROR: could not detect the system."
exit 1
fi

}

function check_file() {

if [ ! -f "${1}" ]; then
echo "ERROR: The ${1} file could not be downloaded."
exit 1
fi

}

function check_shards() {

retries=0
until [ "$(curl -s -k -u admin:admin "https://localhost:9200/_template/wazuh?pretty&filter_path=wazuh.settings.index.number_of_shards" | grep "number_of_shards")" ] || [ "${retries}" -eq 5 ]; do
sleep 5
retries=$((retries+1))
done

if [ ${retries} -eq 5 ]; then
echo "ERROR: Could not get the number of shards."
exit 1
fi
curl -s -k -u admin:admin "https://localhost:9200/_template/wazuh?pretty&filter_path=wazuh.settings.index.number_of_shards"
echo "INFO: Number of shards detected."

}

function dashboard_installation() {

install_package "wazuh-dashboard"
check_package "wazuh-dashboard"

echo "INFO: Generating certificates of the Wazuh dashboard..."
NODE_NAME=dashboard
mkdir /etc/wazuh-dashboard/certs
mv -n wazuh-certificates/$NODE_NAME.pem /etc/wazuh-dashboard/certs/dashboard.pem
mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/wazuh-dashboard/certs/dashboard-key.pem
cp wazuh-certificates/root-ca.pem /etc/wazuh-dashboard/certs/
chmod 500 /etc/wazuh-dashboard/certs
chmod 400 /etc/wazuh-dashboard/certs/*
chown -R wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs

if [ "${sys_type}" == "deb" ]; then
enable_start_service "wazuh-dashboard"
elif [ "${sys_type}" == "rpm" ]; then
/usr/share/wazuh-dashboard/bin/opensearch-dashboards "-c /etc/wazuh-dashboard/opensearch_dashboards.yml" --allow-root > /dev/null 2>&1 &
fi

sleep 10
# In this context, 302 HTTP code refers to SSL certificates warning: success.
if [ "$(curl -k -s -I -w "%{http_code}" https://localhost -o /dev/null --fail)" -ne "302" ]; then
echo "ERROR: The Wazuh dashboard installation has failed."
exit 1
fi
echo "INFO: The Wazuh dashboard is ready."

}

function download_resources() {

check_file "${ABSOLUTE_PATH}"/wazuh-install.sh
bash "${ABSOLUTE_PATH}"/wazuh-install.sh -dw "${sys_type}"
echo "INFO: Downloading the resources..."

curl -sO https://packages.wazuh.com/4.3/config.yml
check_file "config.yml"

sed -i -e '0,/<indexer-node-ip>/ s/<indexer-node-ip>/127.0.0.1/' config.yml
sed -i -e '0,/<wazuh-manager-ip>/ s/<wazuh-manager-ip>/127.0.0.1/' config.yml
sed -i -e '0,/<dashboard-node-ip>/ s/<dashboard-node-ip>/127.0.0.1/' config.yml

curl -sO https://packages.wazuh.com/4.3/wazuh-certs-tool.sh
check_file "wazuh-certs-tool.sh"
chmod 744 wazuh-certs-tool.sh
./wazuh-certs-tool.sh --all

tar xf wazuh-offline.tar.gz
echo "INFO: Download finished."

if [ ! -d ./wazuh-offline ]; then
echo "ERROR: Could not download the resources."
exit 1
fi

}

function enable_start_service() {

systemctl daemon-reload
systemctl enable "${1}"
systemctl start "${1}"

retries=0
until [ "$(systemctl status "${1}" | grep "active")" ] || [ "${retries}" -eq 3 ]; do
sleep 2
retries=$((retries+1))
systemctl start "${1}"
done

if [ ${retries} -eq 3 ]; then
echo "ERROR: The "${1}" service could not be started."
exit 1
fi

}

function filebeat_installation() {

install_package "filebeat"
check_package "filebeat"

cp ./wazuh-offline/wazuh-files/filebeat.yml /etc/filebeat/ &&\
cp ./wazuh-offline/wazuh-files/wazuh-template.json /etc/filebeat/ &&\
chmod go+r /etc/filebeat/wazuh-template.json

sed -i 's|\("index.number_of_shards": \)".*"|\1 "1"|' /etc/filebeat/wazuh-template.json
filebeat keystore create
echo admin | filebeat keystore add username --stdin --force
echo admin | filebeat keystore add password --stdin --force
tar -xzf ./wazuh-offline/wazuh-files/wazuh-filebeat-0.2.tar.gz -C /usr/share/filebeat/module

echo "INFO: Generating certificates of Filebeat..."
NODE_NAME=wazuh-1
mkdir /etc/filebeat/certs
mv -n wazuh-certificates/$NODE_NAME.pem /etc/filebeat/certs/filebeat.pem
mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/filebeat/certs/filebeat-key.pem
cp wazuh-certificates/root-ca.pem /etc/filebeat/certs/
chmod 500 /etc/filebeat/certs
chmod 400 /etc/filebeat/certs/*
chown -R root:root /etc/filebeat/certs

if [ "${sys_type}" == "deb" ]; then
enable_start_service "filebeat"
elif [ "${sys_type}" == "rpm" ]; then
/usr/share/filebeat/bin/filebeat --environment systemd -c /etc/filebeat/filebeat.yml --path.home /usr/share/filebeat --path.config /etc/filebeat --path.data /var/lib/filebeat --path.logs /var/log/filebeat &
fi

sleep 10
check_shards
eval "filebeat test output"
if [ "${PIPESTATUS[0]}" != 0 ]; then
echo "ERROR: The Filebeat installation has failed."
exit 1
fi

}

function indexer_initialize() {

retries=0
until [ "$(cat /var/log/wazuh-indexer/wazuh-cluster.log | grep "Node started")" ] || [ "${retries}" -eq 5 ]; do
sleep 5
retries=$((retries+1))
done

if [ ${retries} -eq 5 ]; then
echo "ERROR: The indexer node is not started."
exit 1
fi
/usr/share/wazuh-indexer/bin/indexer-security-init.sh

}

function indexer_installation() {

if [ "${sys_type}" == "rpm" ]; then
rpm --import ./wazuh-offline/wazuh-files/GPG-KEY-WAZUH
fi

install_package "wazuh-indexer"
check_package "wazuh-indexer"

echo "INFO: Generating certificates of the Wazuh indexer..."
NODE_NAME=node-1
mkdir /etc/wazuh-indexer/certs
mv -n wazuh-certificates/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
mv wazuh-certificates/admin-key.pem /etc/wazuh-indexer/certs/
mv wazuh-certificates/admin.pem /etc/wazuh-indexer/certs/
cp wazuh-certificates/root-ca.pem /etc/wazuh-indexer/certs/
chmod 500 /etc/wazuh-indexer/certs
chmod 400 /etc/wazuh-indexer/certs/*
chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs

sed -i 's|\(network.host: \)"0.0.0.0"|\1"127.0.0.1"|' /etc/wazuh-indexer/opensearch.yml

if [ "${sys_type}" == "rpm" ]; then
runuser "wazuh-indexer" --shell="/bin/bash" --command="OPENSEARCH_PATH_CONF=/etc/wazuh-indexer /usr/share/wazuh-indexer/bin/opensearch" > /dev/null 2>&1 &
sleep 5
elif [ "${sys_type}" == "deb" ]; then
enable_start_service "wazuh-indexer"
fi

indexer_initialize
sleep 10
eval "curl -s -XGET https://localhost:9200 -u admin:admin -k --fail"
if [ "${PIPESTATUS[0]}" != 0 ]; then
echo "ERROR: The Wazuh indexer installation has failed."
exit 1
fi

}

function install_dependencies() {

if [ "${sys_type}" == "rpm" ]; then
dependencies=( util-linux initscripts openssl )
not_installed=()
for dep in "${dependencies[@]}"; do
if [ "${dep}" == "openssl" ]; then
if ! yum list installed 2>/dev/null | grep -q "${dep}\.";then
not_installed+=("${dep}")
fi
elif ! yum list installed 2>/dev/null | grep -q "${dep}";then
not_installed+=("${dep}")
fi
done

if [ "${#not_installed[@]}" -gt 0 ]; then
echo "--- Dependencies ---"
for dep in "${not_installed[@]}"; do
echo "Installing $dep."
eval "yum install ${dep} -y"
if [ "${PIPESTATUS[0]}" != 0 ]; then
echo "ERROR: Cannot install dependency: ${dep}."
exit 1
fi
done
fi

elif [ "${sys_type}" == "deb" ]; then
eval "apt-get update -q > /dev/null"
dependencies=( openssl )
not_installed=()

for dep in "${dependencies[@]}"; do
if ! apt list --installed 2>/dev/null | grep -q "${dep}"; then
not_installed+=("${dep}")
fi
done

if [ "${#not_installed[@]}" -gt 0 ]; then
echo "--- Dependencies ----"
for dep in "${not_installed[@]}"; do
echo "Installing $dep."
apt-get install -y "${dep}"
if [ "${install_result}" != 0 ]; then
echo "ERROR: Cannot install dependency: ${dep}."
exit 1
fi
done
fi
fi

}

function install_package() {

if [ "${sys_type}" == "deb" ]; then
dpkg -i ./wazuh-offline/wazuh-packages/"${1}"*.deb
elif [ "${sys_type}" == "rpm" ]; then
rpm -ivh ./wazuh-offline/wazuh-packages/"${1}"*.rpm
fi

}

function manager_installation() {

install_package "wazuh-manager"
check_package "wazuh-manager"

if [ "${sys_type}" == "deb" ]; then
enable_start_service "wazuh-manager"
elif [ "${sys_type}" == "rpm" ]; then
/var/ossec/bin/wazuh-control start
fi

}
21 changes: 21 additions & 0 deletions .github/actions/offline-installation/offline-installation.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
#!/bin/bash

# Gets the absolute path of the script, used to load the common.sh file
ABSOLUTE_PATH="$( cd $(dirname ${0}) ; pwd -P )"
. ${ABSOLUTE_PATH}/common.sh

check_system
install_dependencies
download_resources

indexer_installation
echo "INFO: Wazuh indexer installation completed."

manager_installation
echo "INFO: Wazuh manager installation completed."

filebeat_installation
echo "INFO: Filebeat installation completed."

dashboard_installation
echo "INFO: Wazuh dashboard installation completed."
Loading