From 13e283687ca1de2d4e7f62e491d9e1e62ff9d43d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 14:49:53 +0100 Subject: [PATCH 1/9] Define agent_groups group list --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 5f32a0f1..3d5c9986 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -397,3 +397,7 @@ nodejs: debian: "deb" redhat: "rpm" repo_url_ext: "nodesource.com/setup_10.x" + +agent_groups: + groups: # [] # groups to create + - group2 \ No newline at end of file From 8d8ed17ce98387905e056b57f7b220d85c30a03c Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 14:50:06 +0100 Subject: [PATCH 2/9] Add task to create agent groups --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 842d33a6..f26664eb 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -355,6 +355,13 @@ when: - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 +- name: Create agent groups + shell: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" + with_items: + - "{{ agent_groups.groups }}" + when: + - ( agent_groups.groups is defined) and ( agent_groups.groups|length > 0) + - include_tasks: "RMRedHat.yml" when: - ansible_os_family == "RedHat" or ansible_os_family == "Amazon" From e11c44e72e6b95d102093a8ad30cc1d075f7c625 Mon Sep 17 00:00:00 2001 
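Review bot: In [PATCH 2/9] (`roles/wazuh/ansible-wazuh-manager/tasks/main.yml`, task `Create agent groups`) the group name `{{ item }}` is interpolated unquoted into a free-form command string, so a name containing whitespace or shell metacharacters changes what runs on the manager instead of being passed as one group name. [PATCH 5/9] removes the shell, but a free-form `command:` string is still split into separate arguments, and the same line is carried unchanged through the [PATCH 9/9] hunk. Passing the arguments as a list keeps each value a single argument, where the supported Ansible version has `argv`: `command:` followed by `argv: ["/var/ossec/bin/agent_groups", "-a", "-g", "{{ item }}", "-q"]`. If group names can come from inventory that is not fully trusted, an `assert` on the allowed characters before this task would be a useful guard.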
From: Rshad Zhran Date: Tue, 11 Feb 2020 16:14:50 +0100 Subject: [PATCH 3/9] Set group list to empty --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 266cb33f..51ba5302 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -37,6 +37,7 @@ wazuh_agent_authd: enable: false port: 1515 agent_name: null + groups: [] ssl_agent_ca: null ssl_agent_cert: null ssl_agent_key: null diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 3d5c9986..52de8dab 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -399,5 +399,4 @@ nodejs: repo_url_ext: "nodesource.com/setup_10.x" agent_groups: - groups: # [] # groups to create - - group2 \ No newline at end of file + groups: [] # groups to create From e1b3156ee647dbd358c6c3cbf9db24788c860256 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 16:16:15 +0100 Subject: [PATCH 4/9] Add ability to register agent and assign it to groups --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 5664a428..6dbf1e46 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
@@ -76,6 +76,9 @@ -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} + {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None %} + -G "{{ wazuh_agent_authd.groups | join(',') }}" + {% endif %} register: agent_auth_output notify: restart wazuh-agent vars: From 76215bf6ed5c01d648c37ed29dc8ed2c64512e21 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 17:55:51 +0100 Subject: [PATCH 5/9] Replace shell by command --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index f26664eb..6637f287 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -356,7 +356,7 @@ - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 - name: Create agent groups - shell: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" + command: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" with_items: - "{{ agent_groups.groups }}" when: From 50ad3e07da8f4cf8b4c1afb3a6c52b19f83cb60d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 17:56:06 +0100 Subject: [PATCH 6/9] Remove trailing spaces --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 6dbf1e46..5465f393 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
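Review bot: In [PATCH 4/9] (`roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml`) the joined group list is wrapped in hand-written double quotes, `-G "{{ wazuh_agent_authd.groups | join(',') }}"`, which does not protect the command line when a group name itself contains `"`, `$` or a backtick. The module that runs this template starts outside the hunk; if it is `shell`, the value should go through the `quote` filter instead: `-G {{ wazuh_agent_authd.groups | join(',') | quote }}`. The same line is kept in the [PATCH 6/9] and [PATCH 8/9] hunks. The `-k` context line just above uses the same hand-quoting pattern and may deserve the same treatment.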
@@ -76,8 +76,8 @@ -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} - {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None %} - -G "{{ wazuh_agent_authd.groups | join(',') }}" + {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None %} + -G "{{ wazuh_agent_authd.groups | join(',') }}" {% endif %} register: agent_auth_output notify: restart wazuh-agent From 4adc19a02ff42585ffcff00a249b47193fb0f921 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 12 Feb 2020 14:16:38 +0100 Subject: [PATCH 7/9] Ignore idempotence test for agent groups creation --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 6637f287..6a2ccf95 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -361,6 +361,7 @@ - "{{ agent_groups.groups }}" when: - ( agent_groups.groups is defined) and ( agent_groups.groups|length > 0) + tags: molecule-idempotence-notest - include_tasks: "RMRedHat.yml" when: From c63756d541dc64cd052943e24c4297136c7f9ae1 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 20 Mar 2020 21:35:18 +0100 Subject: [PATCH 8/9] Fix list check if it's empty --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 5465f393..27819956 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
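Review bot: In [PATCH 7/9] the `molecule-idempotence-notest` tag only hides `Create agent groups` from the idempotence check; the task still runs and reports `changed` on every play, including for groups that already exist. Nothing in the task (`changed_when`, `failed_when`, `creates:`) distinguishes "created" from "already present", and how `agent_groups -a` exits for an existing group is not visible here and should be confirmed. I would register the result and derive `changed_when` from it, or list the existing groups first and add only the missing ones, then drop the tag. If the tag stays, a comment above it such as `# agent_groups -a is not idempotent; excluded from the molecule idempotence run` would record why it is there.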
@@ -76,7 +76,7 @@ -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} - {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None %} + {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups | length > 0 %} -G "{{ wazuh_agent_authd.groups | join(',') }}" {% endif %} register: agent_auth_output From e27d0d33102c631e0ecabb4d3bdcaaafa16735e7 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 23 Mar 2020 20:32:12 +0100 Subject: [PATCH 9/9] Remove agent groups redundant list --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 +-- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 86b0205b..8b4151de 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -410,5 +410,4 @@ nodejs: redhat: "rpm" repo_url_ext: "nodesource.com/setup_10.x" -agent_groups: - groups: [] # groups to create +agent_groups: [] # groups to create diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 254b7e88..eaabdb77 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -354,9 +354,9 @@ - name: Create agent groups command: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" with_items: - - "{{ agent_groups.groups }}" + - "{{ agent_groups }}" when: - - ( agent_groups.groups is defined) and ( agent_groups.groups|length > 0) + - ( agent_groups is defined) and ( agent_groups|length > 0) tags: molecule-idempotence-notest - include_tasks: "RMRedHat.yml"
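Review bot: In [PATCH 8/9] the new guard `wazuh_agent_authd.groups | length > 0` drops the null check the old condition had, so an inventory that sets `groups: null` (the style used for `agent_name` and the `ssl_agent_*` keys beside it in the agent defaults) will likely fail templating on `length` instead of skipping `-G`. A plain string also passes the guard, and `join(',')` on a string joins its characters, which would enrol the agent under unintended group names. Suggest normalising first, `{% if wazuh_agent_authd.groups | default([], true) | length > 0 %}`, and stating next to the default that `groups` must be a list.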
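Review bot: In [PATCH 9/9] (`roles/wazuh/ansible-wazuh-manager/tasks/main.yml`) the guard `agent_groups|length > 0` is also true for the mapping form `agent_groups: {groups: [...]}` used earlier in this series, and `with_items` would then hand the whole mapping to the command as `item`. If any inventory still carries that form, a type check in the `when` list makes the failure explicit: `- agent_groups is not mapping and agent_groups is not string`. Separately, `agent_groups` is the only un-prefixed variable among the role defaults visible here; role defaults share one namespace with the rest of the play, so a role-prefixed name would avoid collisions. A comment on the default describing the expected shape (a list of group names) would help too.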