From 873e9759ae0b250a1a19d415dd26e7f1d1bb700d Mon Sep 17 00:00:00 2001 From: rshad Date: Fri, 12 Jul 2019 13:06:02 +0000 Subject: [PATCH] Versioning and Ansible-Linting fixes are introduced to wazuh-agent and filebeat installations and testings --- molecule/filebeat/molecule.yml | 3 ++ molecule/filebeat/tests/test_default.py | 7 +++ molecule/wazuh-agent/tests/test_agents.py | 5 ++ .../wazuh/ansible-filebeat/defaults/main.yml | 2 + roles/wazuh/ansible-filebeat/tasks/main.yml | 50 +++++++++++++------ .../ansible-wazuh-agent/defaults/main.yml | 5 +- .../wazuh/ansible-wazuh-agent/tasks/Linux.yml | 16 +++++- .../ansible-wazuh-manager/tasks/main.yml | 4 +- 8 files changed, 72 insertions(+), 20 deletions(-) diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index 4f0bffb6..e456c4ae 100755 --- a/molecule/filebeat/molecule.yml +++ b/molecule/filebeat/molecule.yml @@ -5,6 +5,9 @@ driver: name: docker lint: name: yamllint + options: + config-data: + ignore: .virtualenv platforms: - name: trusty image: ubuntu:trusty diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py index 72ac55d4..a959e48b 100755 --- a/molecule/filebeat/tests/test_default.py +++ b/molecule/filebeat/tests/test_default.py @@ -4,3 +4,10 @@ import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_filebeat_is_installed(host): + """Test if the elasticsearch package is installed.""" + filebeat = host.package("filebeat") + assert filebeat.is_installed + assert filebeat.version.startswith('7.1.1') diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py index 5867dc2f..657cc9ee 100755 --- a/molecule/wazuh-agent/tests/test_agents.py +++ b/molecule/wazuh-agent/tests/test_agents.py @@ -7,6 +7,11 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('agent') +def get_wazuh_version(): + """This return the version of Wazuh.""" + return "3.9.0" + + def test_ossec_package_installed(Package): ossec = Package('wazuh-agent') assert ossec.is_installed diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index cfb892bd..541c0214 100755 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,4 +1,6 @@ --- +filebeat_version: 7.1.1 + filebeat_create_config: true filebeat_prospectors: diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 2dfa3ecd..7bafcc79 100755 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -5,26 +5,40 @@ - import_tasks: Debian.yml when: ansible_os_family == 'Debian' -- name: Install Filebeat. - package: name=filebeat state=present +- name: CentOS/RedHat | Install Filebeat. + package: name=filebeat-{{ filebeat_version }} state=present register: filebeat_installing_package until: filebeat_installing_package is succeeded + when: + - ansible_distribution in ['CentOS','RedHat'] tags: - install +- name: Debian/Ubuntu | Install Filebeat. + apt: + name: filebeat={{ filebeat_version }} + state: present + cache_valid_time: 3600 + register: filebeat_installing_package_debian + until: filebeat_installing_package_debian is succeeded + when: + - not (ansible_distribution in ['CentOS','RedHat']) + tags: + - init + - name: Check if certificate exists locally stat: - path: "{{node_certs_destination}}/{{ filebeat_node_name }}.crt" + path: "{{ node_certs_destination }}/{{ filebeat_node_name }}.crt" register: certificate_file_exists when: - filebeat_xpack_security - name: Copy key & certificate files in generator node (locally) synchronize: - src: "{{node_certs_source}}/{{filebeat_node_name}}/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/{{ filebeat_node_name }}/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - filebeat_xpack_security - not certificate_file_exists.stat.exists @@ -32,26 +46,30 @@ - name: Copy ca certificate file in generator node (locally) synchronize: - src: "{{node_certs_source}}/ca/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/ca/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - filebeat_xpack_security - not certificate_file_exists.stat.exists register: check_certs_permissions tags: xpack-security - + - name: Importing key & certificate files from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{filebeat_node_name}}/ {{node_certs_destination}}/" + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/{{ filebeat_node_name }}/ {{ node_certs_destination }}/ when: - not node_certs_generator - filebeat_xpack_security - not certificate_file_exists.stat.exists tags: xpack-security -- name: Importing ca certificate file from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" +- name: Importing ca certificate file from generator node + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/ca/ {{ node_certs_destination }}/ when: - not node_certs_generator - filebeat_xpack_security @@ -60,7 +78,11 @@ tags: xpack-security - name: Ensuring certificates folder owner - shell: "chmod -R 770 {{node_certs_destination}}/" + file: + path: "{{ node_certs_destination }}/" + mode: '0770' + recurse: yes + when: - check_certs_permissions is defined - filebeat_xpack_security diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index e95707e6..ded6d5b9 100755 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,4 +1,5 @@ --- +wazuh_agent_version: 3.9.0 wazuh_managers: - address: 127.0.0.1 port: 1514 @@ -23,10 +24,10 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.9.2' + version: '3.9.3' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: 43936e7bc7eb51bd186f47dac4a6f477 + md5: c3fdbd6c121ca371b8abcd477ed4e8a4 wazuh_agent_config: active_response: ar_disabled: 'no' diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 2b644bde..faa28b57 100755 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -5,10 +5,22 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: Linux | Install wazuh-agent - package: name=wazuh-agent state=present +- name: Linux CentOS/RedHat | Install wazuh-agent + package: name=wazuh-agent-{{ wazuh_agent_version }}-1 state=present async: 90 poll: 30 + when: + - ansible_distribution in ['CentOS','RedHat'] + tags: + - init + +- name: Linux Debian | Install wazuh-agent + apt: + name: "wazuh-agent={{ wazuh_agent_version }}-1" + state: present + cache_valid_time: 3600 + when: + - not (ansible_distribution in ['CentOS','RedHat']) tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 7064ba41..30e5ec87 100755 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -5,7 +5,7 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: CentOS/RedHat | Install wazuh-manager, wazuh-api and expect +- name: CentOS/RedHat | Install wazuh-manager, wazuh-api package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }} with_items: - wazuh-manager @@ -17,7 +17,7 @@ tags: - init -- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api and expect +- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api apt: name: "{{ item }}={{ wazuh_manager_api_version }}-1" state: present