afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed apt_key deprecation

Browse Source
This commit is contained in:
David Correa Rodríguez 2024-05-21 17:38:02 +02:00
parent 9c50ae029a
commit 02b72932eb
No known key found for this signature in database
GPG Key ID: 8787C7C9FF271262
9 changed files with 89 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
roles/wazuh/ansible-filebeat-oss/defaults/main.yml
View File

@ -22,7 +22,8 @@ filebeat_ssl_dir: /etc/pki/filebeat
local_certs_path: "{{ playbook_dir }}/indexer/certificates" local_certs_path: "{{ playbook_dir }}/indexer/certificates"
filebeatrepo: filebeatrepo:
apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' keyring_path: '/usr/share/keyrings/wazuh.gpg'
apt: "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main"
yum: 'https://packages.wazuh.com/4.x/yum/' yum: 'https://packages.wazuh.com/4.x/yum/'
gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' path: '/tmp/WAZUH-GPG-KEY'

17
roles/wazuh/ansible-filebeat-oss/tasks/Debian.yml
View File

@ -9,11 +9,20 @@
register: filebeat_ca_packages_install register: filebeat_ca_packages_install
until: filebeat_ca_packages_install is succeeded until: filebeat_ca_packages_install is succeeded
- name: Debian/Ubuntu | Add Elasticsearch apt key. - name: Debian/Ubuntu | Download Filebeat apt key.
apt_key: get_url:
url: "{{ filebeatrepo.gpg }}" url: "{{ filebeatrepo.gpg }}"
id: "{{ filebeatrepo.key_id }}" dest: "{{ filebeatrepo.path }}"
state: present
- name: Import Filebeat GPG key
command: "gpg --no-default-keyring --keyring gnupg-ring:{{ filebeatrepo.keyring_path }} --import {{ filebeatrepo.path }}"
args:
creates: "{{ filebeatrepo.keyring_path }}"
- name: Set permissions for Filebeat GPG key
file:
path: "{{ filebeatrepo.keyring_path }}"
mode: '0644'
- name: Debian/Ubuntu | Add Filebeat-oss repository. - name: Debian/Ubuntu | Add Filebeat-oss repository.
apt_repository: apt_repository:

22
roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml
View File

@ -38,10 +38,26 @@
- ansible_distribution_major_version | int == 14 - ansible_distribution_major_version | int == 14
- not wazuh_custom_packages_installation_agent_enabled - not wazuh_custom_packages_installation_agent_enabled
- name: Debian/Ubuntu | Installing Wazuh repository key - name: Debian/Ubuntu | Download Wazuh repository key
apt_key: get_url:
url: "{{ wazuh_agent_config.repo.gpg }}" url: "{{ wazuh_agent_config.repo.gpg }}"
id: "{{ wazuh_agent_config.repo.key_id }}" dest: "{{ wazuh_agent_config.repo.path }}"
when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- not wazuh_custom_packages_installation_agent_enabled
- name: Debian/Ubuntu | Import Wazuh GPG key
command: "gpg --no-default-keyring --keyring gnupg-ring:{{ wazuh_agent_config.repo.keyring_path }} --import {{ wazuh_agent_config.repo.path }}"
when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- not wazuh_custom_packages_installation_agent_enabled
args:
creates: "{{ wazuh_agent_config.repo.keyring_path }}"
- name: Debian/Ubuntu | Set permissions for Wazuh GPG key
file:
path: "{{ wazuh_agent_config.repo.keyring_path }}"
mode: '0644'
when: when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- not wazuh_custom_packages_installation_agent_enabled - not wazuh_custom_packages_installation_agent_enabled

22
roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
View File

@ -26,10 +26,26 @@
- ansible_distribution_major_version | int == 14 - ansible_distribution_major_version | int == 14
- not wazuh_custom_packages_installation_manager_enabled - not wazuh_custom_packages_installation_manager_enabled
- name: Debian/Ubuntu | Installing Wazuh repository key - name: Debian/Ubuntu | Download Wazuh repository key
apt_key: get_url:
url: "{{ wazuh_manager_config.repo.gpg }}" url: "{{ wazuh_manager_config.repo.gpg }}"
id: "{{ wazuh_manager_config.repo.key_id }}" dest: "{{ wazuh_manager_config.repo.path }}"
when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- not wazuh_custom_packages_installation_manager_enabled
- name: Debian/Ubuntu | Import Wazuh GPG key
command: "gpg --no-default-keyring --keyring gnupg-ring:{{ wazuh_manager_config.repo.keyring_path }} --import {{ wazuh_manager_config.repo.path }}"
when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- not wazuh_custom_packages_installation_manager_enabled
args:
creates: "{{ wazuh_manager_config.repo.keyring_path }}"
- name: Debian/Ubuntu | Set permissions for Wazuh GPG key
file:
path: "{{ wazuh_manager_config.repo.keyring_path }}"
mode: '0644'
when: when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- not wazuh_custom_packages_installation_manager_enabled - not wazuh_custom_packages_installation_manager_enabled

5
roles/wazuh/vars/repo.yml
View File

@ -1,8 +1,9 @@
wazuh_repo: wazuh_repo:
apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' keyring_path: '/usr/share/keyrings/wazuh.gpg'
apt: 'deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main'
yum: 'https://packages.wazuh.com/4.x/yum/' yum: 'https://packages.wazuh.com/4.x/yum/'
gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' path: '/tmp/WAZUH-GPG-KEY'
wazuh_winagent_config_url: "https://packages.wazuh.com/4.x/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_config_url: "https://packages.wazuh.com/4.x/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_sha512_url: "https://packages.wazuh.com/4.x/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512" wazuh_winagent_sha512_url: "https://packages.wazuh.com/4.x/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512"

7
roles/wazuh/vars/repo_pre-release.yml
View File

@ -1,8 +1,9 @@
wazuh_repo: wazuh_repo:
apt: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' keyring_path: '/usr/share/keyrings/wazuh.gpg'
apt: 'deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main'
yum: 'https://packages-dev.wazuh.com/pre-release/yum/' yum: 'https://packages-dev.wazuh.com/pre-release/yum/'
gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH'
key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' path: '/tmp/WAZUH-GPG-KEY'
wazuh_winagent_config_url: "https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_config_url: "https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_sha512_url: "https://packages-dev.wazuh.com/pre-release/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512" wazuh_winagent_sha512_url: "https://packages-dev.wazuh.com/pre-release/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512"
@ -10,7 +11,7 @@ filebeat_module_package_url: https://packages-dev.wazuh.com/pre-release/filebeat
wazuh_macos_intel_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.intel64.pkg" wazuh_macos_intel_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.intel64.pkg"
wazuh_macos_arm_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.arm64.pkg" wazuh_macos_arm_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.arm64.pkg"
wazuh_macos_intel_package_url: "https://packages-dev.wazuh.com/staging/pre-release/{{ wazuh_macos_intel_package_name }}" wazuh_macos_intel_package_url: "https://packages-dev.wazuh.com/pre-release/{{ wazuh_macos_intel_package_name }}"
wazuh_macos_arm_package_url: "https://packages-dev.wazuh.com/pre-release/macos/{{ wazuh_macos_arm_package_name }}" wazuh_macos_arm_package_url: "https://packages-dev.wazuh.com/pre-release/macos/{{ wazuh_macos_arm_package_name }}"
certs_gen_tool_version: 4.8 certs_gen_tool_version: 4.8

5
roles/wazuh/vars/repo_staging.yml
View File

@ -1,8 +1,9 @@
wazuh_repo: wazuh_repo:
apt: 'deb https://packages-dev.wazuh.com/staging/apt/ unstable main' keyring_path: '/usr/share/keyrings/wazuh.gpg'
apt: 'deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/staging/apt/ unstable main'
yum: 'https://packages-dev.wazuh.com/staging/yum/' yum: 'https://packages-dev.wazuh.com/staging/yum/'
gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH'
key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' path: '/tmp/WAZUH-GPG-KEY'
wazuh_winagent_config_url: "https://packages-dev.wazuh.com/staging/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_config_url: "https://packages-dev.wazuh.com/staging/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_sha512_url: "https://packages-dev.wazuh.com/staging/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512" wazuh_winagent_sha512_url: "https://packages-dev.wazuh.com/staging/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512"

16
roles/wazuh/wazuh-dashboard/tasks/Debian.yml
View File

@ -2,10 +2,20 @@
- block: - block:
- include_vars: debian.yml - include_vars: debian.yml
- name: Add apt repository signing key - name: Download apt repository signing key
apt_key: get_url:
url: "{{ wazuh_repo.gpg }}" url: "{{ wazuh_repo.gpg }}"
state: present dest: "{{ wazuh_repo.path }}"
- name: Import Wazuh repository GPG key
command: "gpg --no-default-keyring --keyring gnupg-ring:{{ wazuh_repo.keyring_path }} --import {{ wazuh_repo.path }}"
args:
creates: "{{ wazuh_repo.keyring_path }}"
- name: Set permissions for Wazuh repository GPG key
file:
path: "{{ wazuh_repo.keyring_path }}"
mode: '0644'
- name: Debian systems | Add Wazuh dashboard repo - name: Debian systems | Add Wazuh dashboard repo
apt_repository: apt_repository:

14
roles/wazuh/wazuh-indexer/tasks/Debian.yml
View File

@ -19,9 +19,19 @@
- name: Add Wazuh indexer repository - name: Add Wazuh indexer repository
block: block:
- name: Add apt repository signing key - name: Add apt repository signing key
apt_key: get_url:
url: "{{ wazuh_repo.gpg }}" url: "{{ wazuh_repo.gpg }}"
state: present dest: "{{ wazuh_repo.path }}"
- name: Import Wazuh repository GPG key
command: "gpg --no-default-keyring --keyring gnupg-ring:{{ wazuh_repo.keyring_path }} --import {{ wazuh_repo.path }}"
args:
creates: "{{ wazuh_repo.keyring_path }}"
- name: Set permissions for Wazuh repository GPG key
file:
path: "{{ wazuh_repo.keyring_path }}"
mode: '0644'
- name: Add Wazuh indexer repository - name: Add Wazuh indexer repository
apt_repository: apt_repository: