Merge branch '4.0'

CHANGELOG.md

@@ -1,6 +1,24 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## [v4.0.2]
+
+### Added
+
+- Update to Wazuh v4.0.2
+
+### Changed
+
+- New role variables have been introduced (e.g: `wazuh_agent_api_validate`), see documentation or PRs listed here for details.
+- Some variables have been deprecated (e.g: `wazuh_agent_nat`) in favour of other ones, see documentation or PRs listed here for details.
+
+### Fixed
+
+- Fix agent enrollment default value. Fix authd registration. [PR#505](https://github.com/wazuh/wazuh-ansible/issues/505)
+- Remove async clause causing agent install timeout on resource-constrained Centos installations [PR#507](https://github.com/wazuh/wazuh-ansible/issues/507)
+- Fix REST registration method for agents [PR#509](https://github.com/wazuh/wazuh-ansible/issues/509)
+- `authd_pass` and `api_pass` [precedence](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable) too high, lower to role defaults [PR#488](https://github.com/wazuh/wazuh-ansible/issues/488)
+
 ## [v4.0.1]
 
 ### Added
@@ -13,7 +31,7 @@ All notable changes to this project will be documented in this file.
 
 - Roles/elastic-stack: update jvm.options template per upstream updates ([@neonmei](https://github.com/neonmei)) [PR#501](https://github.com/wazuh/wazuh-ansible/pull/501)
 - Improve linting history ([@neonmei](https://github.com/neonmei))
-  - Fix lint opendistro kibana [PR#497](https://github.com/wazuh/wazuh-ansible/pull/497) 
+  - Fix lint opendistro kibana [PR#497](https://github.com/wazuh/wazuh-ansible/pull/497)
   - Feature lint roles configurations [PR#496](https://github.com/wazuh/wazuh-ansible/pull/496)
   - Feature lint role wazuh agent [PR#495](https://github.com/wazuh/wazuh-ansible/pull/495)
   - Feature lint role filebeat oss [PR#494](https://github.com/wazuh/wazuh-ansible/pull/494)

README.md

@@ -15,7 +15,7 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack.
 
 | Wazuh version | Elastic | ODFE   |
 |---------------|---------|--------|
-| v4.0.1        | 7.9.3   | 1.11.0 |
+| v4.0.2        | 7.9.3   | 1.11.0 |
 
 ## Documentation
 

molecule/distributed-wazuh-elk-xpack/group_vars/all.yml

@@ -12,6 +12,19 @@ manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}
 elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
 kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
 
+########################################################
+# Versions
+elastic_stack_version: 7.9.3
+filebeat_version: 7.9.3
+
+# Debian packages need the ${VERSION}-1
+wazuh_manager_version: 4.0.2-1
+wazuh_agent_version: 4.0.2-1
+
+# Kibana role appends it automatically.
+wazuh_version: 4.0.2
+
+
 ########################################################
 # General ELK stack variables
 
@@ -22,6 +35,3 @@ kibana_xpack_security: true
 elasticsearch_xpack_security: true
 elasticsearch_xpack_security_user: elastic
 elasticsearch_xpack_security_password: elastic_pass
-
-elastic_stack_version: 7.9.3
-filebeat_version: 7.9.3

molecule/distributed-wazuh-elk/group_vars/all.yml

@@ -10,4 +10,14 @@ elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars)  | list }}"
 manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
 elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
 
+########################################################
+# Versions
 elastic_stack_version: 7.9.3
+filebeat_version: 7.9.3
+
+# Debian packages need the ${VERSION}-1
+wazuh_manager_version: 4.0.2-1
+wazuh_agent_version: 4.0.2-1
+
+# Kibana role appends it automatically.
+wazuh_version: 4.0.2

molecule/distributed-wazuh-odfe/group_vars/all.yml

@@ -15,12 +15,6 @@ kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
 ########################################################
 # General ELK stack variables
 
-# Cluster Settings
-#es_version: "7.9.1"
-#es_major_version: "7.x"
-#opendistro_version: 1.10.1
-filebeat_version: 7.9.1
-
 # OpenDistro
 kibana_opendistro_security: true
 
@@ -34,4 +28,20 @@ opendistro_admin_password: changeme
 # All nodes are called by IP name
 elasticsearch_node_name: '{{ ansible_hostname }}'
 kibana_node_name: '{{ ansible_hostname }}'
-filebeat_node_name: '{{ ansible_hostname }}'
+filebeat_node_name: '{{ ansible_hostname }}'
+
+########################################################
+# Versions
+# See: https://opendistro.github.io/for-elasticsearch-docs/version-history/
+
+elastic_stack_version: 7.9.1
+opendistro_version: 1.11.0
+filebeat_version: 7.9.1
+kibana_opendistro_version: -1.11.0-1
+
+# Debian packages need the ${VERSION}-1
+wazuh_manager_version: 4.0.2-1
+wazuh_agent_version: 4.0.2-1
+
+# Kibana role appends it automatically.
+wazuh_version: 4.0.2

pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "wazuh-ansible"
-version = "4.0.1"
+version = "4.0.2"
 description = ""
 authors = ["neonmei <neonmei@pm.me>"]
 

roles/elastic-stack/ansible-kibana/defaults/main.yml

@@ -7,7 +7,7 @@ kibana_server_host: "0.0.0.0"
 kibana_server_port: "5601"
 kibana_conf_path: /etc/kibana
 elastic_stack_version: 7.9.3
-wazuh_version: 4.0.1
+wazuh_version: 4.0.2
 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
 
 elasticrepo:

roles/opendistro/opendistro-kibana/defaults/main.yml

@@ -10,7 +10,7 @@ kibana_server_port: "5601"
 kibana_server_name: "kibana"
 kibana_max_payload_bytes: 1048576
 elastic_stack_version: 7.9.1
-wazuh_version: 4.0.1
+wazuh_version: 4.0.2
 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
 
 # The OpenDistro package repository

roles/wazuh/ansible-filebeat-oss/defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 filebeat_version: 7.9.1
 
-wazuh_template_branch: v4.0.1
+wazuh_template_branch: v4.0.2
 
 filebeat_output_elasticsearch_hosts:
   - "localhost:9200"

roles/wazuh/ansible-filebeat/defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 filebeat_version: 7.9.3
 
-wazuh_template_branch: v4.0.1
+wazuh_template_branch: v4.0.2
 
 filebeat_create_config: true
 

roles/wazuh/ansible-wazuh-agent/defaults/main.yml

@@ -1,5 +1,5 @@
 ---
-wazuh_agent_version: 4.0.1-1
+wazuh_agent_version: 4.0.2-1
 
 
 # Custom packages installation
@@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: ""
 
 wazuh_agent_sources_installation:
   enabled: false
-  branch: "v4.0.1"
+  branch: "v4.0.2"
   user_language: "y"
   user_no_stop: "y"
   user_install_type: "agent"
@@ -55,8 +55,8 @@ wazuh_winagent_config:
   auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe
   check_md5: True
   md5: f2444d89dab2c4c31bbdef454c95eb28
-wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.0.1-1.msi
+wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.0.2.msi
-wazuh_winagent_package_name: wazuh-agent-4.0.1-1.msi
+wazuh_winagent_package_name: wazuh-agent-4.0.2.msi
 
 wazuh_agent_repo:
   apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main'

roles/wazuh/ansible-wazuh-manager/defaults/main.yml

@@ -1,5 +1,5 @@
 ---
-wazuh_manager_version: 4.0.1-1
+wazuh_manager_version: 4.0.2-1
 
 wazuh_manager_fqdn: "wazuh-server"
 wazuh_manager_package_state: present
@@ -12,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon
 # Sources installation
 wazuh_manager_sources_installation:
   enabled: false
-  branch: "v4.0.1"
+  branch: "v4.0.2"
   user_language: "en"
   user_no_stop: "y"
   user_install_type: "server"