completed

Pipfile

@@ -16,6 +16,7 @@ python_version = "2.7"
 [scripts]
 clean = "molecule destroy"
 test ="molecule test --destroy=never"
+verify_test ="molecule verify"
 agent ="molecule test -s wazuh-agent"
 elasticsearch ="molecule test -s elasticsearch"
 filebeat ="molecule test -s filebeat"

molecule/default/playbook.yml

@@ -2,7 +2,7 @@
 - name: Converge
   hosts: all
   roles:
-    - role: wazuh/ansible-wazuh-manager
+    #- role: wazuh/ansible-wazuh-manager
-    - {role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'localhost:9200'}
+    #- {role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'localhost:9200'}
-    - {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'}
+    #- {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'}
     - {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'}

molecule/default/tests/test_default.py

@@ -78,3 +78,54 @@ def test_open_ports(host):
     elif distribution == 'centos':
         assert host.socket("tcp://:::1515").is_listening
         assert not host.socket("tcp://:::1514").is_listening
+
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_filebeat_is_installed(host):
+    """Test if the elasticsearch package is installed."""
+    filebeat = host.package("filebeat")
+    assert filebeat.is_installed
+    assert filebeat.version.startswith('7.2.0')
+
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_elasticsearch_is_installed(host):
+    """Test if the elasticsearch package is installed."""
+    elasticsearch = host.package("elasticsearch")
+    assert elasticsearch.is_installed
+    assert elasticsearch.version.startswith('7.2.0')
+
+
+def test_elasticsearch_is_running(host):
+    """Test if the services are enabled and running."""
+    elasticsearch = host.service("elasticsearch")
+    assert elasticsearch.is_enabled
+    assert elasticsearch.is_running
+
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_port_kibana_is_open(host):
+    """Test if the port 5601 is open and listening to connections."""
+    host.socket("tcp://0.0.0.0:5601").is_listening
+
+
+def test_find_correct_elasticsearch_version(host):
+    """Test if we find the kibana/elasticsearch version in package.json"""
+    kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json")
+    assert kibana.contains("7.2.0")
+
+
+def test_wazuh_plugin_installed(host):
+    """Make sure there is a plugin wazuh directory."""
+    kibana = host.file("/usr/share/kibana/plugins/wazuh/")
+
+    assert kibana.is_directory

roles/elastic-stack/ansible-kibana/tasks/main.yml

@@ -125,6 +125,7 @@
     executable: /bin/bash
     creates: /usr/share/kibana/plugins/wazuh/package.json
   notify: restart kibana
+  become: yes
   become_user: kibana
   tags:
     - install