From f1b0299d952cb80b2e7c29d271e6b103d1129ad6 Mon Sep 17 00:00:00 2001 From: Alberto R Date: Sun, 30 Oct 2022 12:20:00 +0100 Subject: [PATCH 01/19] Fixes according MD004 --- README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index fb3f4917..d2cd1f59 100644 --- a/README.md +++ b/README.md @@ -8,8 +8,9 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashboard. ## Branches -* `master` branch contains the latest code, be aware of possible bugs on this branch. -* `stable` branch on correspond to the last Wazuh stable version. + +- `master` branch contains the latest code, be aware of possible bugs on this branch. +- `stable` branch on correspond to the last Wazuh stable version. ## Compatibility Matrix @@ -39,8 +40,8 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb ## Documentation -* [Wazuh Ansible documentation](https://documentation.wazuh.com/current/deploying-with-ansible/index.html) -* [Full documentation](http://documentation.wazuh.com) +- [Wazuh Ansible documentation](https://documentation.wazuh.com/current/deploying-with-ansible/index.html) +- [Full documentation](http://documentation.wazuh.com) ## Directory structure @@ -414,4 +415,4 @@ Copyright (C) 2016, Wazuh Inc. (License GPLv2) ## Web references -* [Wazuh website](http://wazuh.com) +- [Wazuh website](http://wazuh.com) From 1365beb765832804b2511fdee1be626b1327720b Mon Sep 17 00:00:00 2001 From: Alberto R Date: Sun, 30 Oct 2022 12:21:07 +0100 Subject: [PATCH 02/19] MD022 fixes --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d2cd1f59..174dad7c 100644 --- a/README.md +++ b/README.md @@ -69,10 +69,10 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb │ ├── VERSION │ ├── CHANGELOG.md - ## Example: production-ready distributed environment ### Playbook + The hereunder example playbook uses the `wazuh-ansible` role to provision a production-ready Wazuh environment. The architecture includes 2 Wazuh nodes, 3 Wazuh indexer nodes and a mixed Wazuh dashboard node (Wazuh indexer data node + Wazuh dashboard). ```yaml @@ -327,6 +327,7 @@ After the playbook execution, the Wazuh UI should be reachable through `https:// ## Example: single-host environment ### Playbook + The hereunder example playbook uses the `wazuh-ansible` role to provision a single-host Wazuh environment. This architecture includes all the Wazuh and Opensearch components in a single node. ```yaml From d326ada41437deae0db420bed7658e7cc319bb0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 1 Nov 2022 17:19:13 -0300 Subject: [PATCH 03/19] Check packages files added --- check_packages.sh | 47 +++++++++++++++++++++++++++++++++++++++++++++++ packages_uri.txt | 8 ++++++++ 2 files changed, 55 insertions(+) create mode 100755 check_packages.sh create mode 100644 packages_uri.txt diff --git a/check_packages.sh b/check_packages.sh new file mode 100755 index 00000000..60b4a199 --- /dev/null +++ b/check_packages.sh @@ -0,0 +1,47 @@ +#!/bin/bash + +VERSION=$1 +#echo $VERSION +## Replace VERSION with $VERSION in packages_uri.txt and save it as packages_uri_new.txt +sed 's,VERSION,'$VERSION',g' packages_uri.txt > packages_uri_new.txt + +checkPackages(){ + ## Set S3 Bucket URL + if [ $1 == "production" ]; then + PACKAGES_URL=https://packages.wazuh.com/4.x/ + elif [ $1 == "pre-release" ]; then + PACKAGES_URL=https://packages-dev.wazuh.com/pre-release/ + elif [ $1 == "staging" ]; then + PACKAGES_URL=https://packages-dev.wazuh.com/staging/ + fi + + ## Set EXISTS to 0 (true) + EXISTS=0 + + ## Loop through the packages_uri_new.txt file + while IFS= read -r URI + do + #echo "$URI" + ## Check if the package exists + PACKAGE=$(curl --silent -I $PACKAGES_URL$URI | grep -E "^HTTP" | awk '{print $2}') + ## If it does not exist set EXISTS to 1 (false) + if [ "$PACKAGE" != "200" ]; then + EXISTS=1 + return $EXISTS + fi + done < packages_uri_new.txt + + return $EXISTS +} + +## Call the checkPackages function for each repository +if checkPackages "production"; then + echo "production" + exit 0 +elif checkPackages "pre-release"; then + echo "pre-release" + exit 0 +elif checkPackages "staging"; then + echo "staging" + exit 0 +fi \ No newline at end of file diff --git a/packages_uri.txt b/packages_uri.txt new file mode 100644 index 00000000..7d1d14cb --- /dev/null +++ b/packages_uri.txt @@ -0,0 +1,8 @@ +yum/wazuh-manager-VERSION-1.x86_64.rpm +yum/wazuh-agent-VERSION-1.x86_64.rpm +windows/wazuh-agent-VERSION-1.msi +apt/pool/main/w/wazuh-manager/wazuh-manager_VERSION-1_amd64.deb +apt/pool/main/w/wazuh-indexer/wazuh-indexer_VERSION-1_amd64.deb +apt/pool/main/f/filebeat/filebeat-oss-7.10.2-amd64.deb +apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_VERSION-1_amd64.deb +apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_ppc64el.deb \ No newline at end of file From d210da426d25cc3bcac33fbd6f64bf91664652dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 2 Nov 2022 08:39:03 -0300 Subject: [PATCH 04/19] Failed option added to check packages script --- check_packages.sh | 4 ++++ packages_uri.txt | 11 +++++------ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/check_packages.sh b/check_packages.sh index 60b4a199..903399b6 100755 --- a/check_packages.sh +++ b/check_packages.sh @@ -27,6 +27,7 @@ checkPackages(){ ## If it does not exist set EXISTS to 1 (false) if [ "$PACKAGE" != "200" ]; then EXISTS=1 + #echo $PACKAGES_URL$URI "does not exist" return $EXISTS fi done < packages_uri_new.txt @@ -44,4 +45,7 @@ elif checkPackages "pre-release"; then elif checkPackages "staging"; then echo "staging" exit 0 +else + echo "Failed" + exit 1 fi \ No newline at end of file diff --git a/packages_uri.txt b/packages_uri.txt index 7d1d14cb..94204cb6 100644 --- a/packages_uri.txt +++ b/packages_uri.txt @@ -1,8 +1,7 @@ yum/wazuh-manager-VERSION-1.x86_64.rpm -yum/wazuh-agent-VERSION-1.x86_64.rpm +yum/filebeat-oss-7.10.2-x86_64.rpm +yum/wazuh-dashboard-VERSION-1.x86_64.rpm +yum/wazuh-indexer-VERSION-1.x86_64.rp +apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_ppc64el.deb windows/wazuh-agent-VERSION-1.msi -apt/pool/main/w/wazuh-manager/wazuh-manager_VERSION-1_amd64.deb -apt/pool/main/w/wazuh-indexer/wazuh-indexer_VERSION-1_amd64.deb -apt/pool/main/f/filebeat/filebeat-oss-7.10.2-amd64.deb -apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_VERSION-1_amd64.deb -apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_ppc64el.deb \ No newline at end of file +yum/wazuh-agent-VERSION-1.x86_64.rpm From 53e1e614534388d44f443908c64c4001edffad18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 2 Nov 2022 14:23:35 -0300 Subject: [PATCH 05/19] Changes to include the packages_repository variable --- molecule/distributed-wazuh/converge.yml | 4 ++++ roles/wazuh/ansible-wazuh-agent/tasks/main.yml | 15 +++++++-------- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 13 +++++++------ roles/wazuh/check-packages/defaults/main.yml | 2 ++ .../wazuh/check-packages/files/packages_uri.txt | 6 +++--- .../check-packages/scripts/check_packages.sh | 14 +++++++++++--- roles/wazuh/check-packages/tasks/main.yml | 11 +++++++++++ .../vars/{repo_dev.yml => repo_pre-release.yml} | 0 roles/wazuh/vars/repo_staging.yml | 12 ++++++++++++ roles/wazuh/vars/repo_vars.yml | 1 + roles/wazuh/wazuh-dashboard/tasks/main.yml | 13 +++++++------ roles/wazuh/wazuh-indexer/tasks/main.yml | 13 +++++++------ 12 files changed, 72 insertions(+), 32 deletions(-) create mode 100644 roles/wazuh/check-packages/defaults/main.yml rename packages_uri.txt => roles/wazuh/check-packages/files/packages_uri.txt (52%) rename check_packages.sh => roles/wazuh/check-packages/scripts/check_packages.sh (78%) create mode 100644 roles/wazuh/check-packages/tasks/main.yml rename roles/wazuh/vars/{repo_dev.yml => repo_pre-release.yml} (100%) create mode 100644 roles/wazuh/vars/repo_staging.yml create mode 100644 roles/wazuh/vars/repo_vars.yml diff --git a/molecule/distributed-wazuh/converge.yml b/molecule/distributed-wazuh/converge.yml index 8ff42c37..3fd4169a 100644 --- a/molecule/distributed-wazuh/converge.yml +++ b/molecule/distributed-wazuh/converge.yml @@ -79,6 +79,10 @@ become: true become_user: root roles: + # 1. Check packages + - role: ../../roles/wazuh/check-packages + become: no + delegate_to: localhost # 1. Wazuh indexer - role: ../../roles/wazuh/wazuh-indexer when: inventory_hostname in groups['indexer'] diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml index f84d3748..d12446b1 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml @@ -1,16 +1,15 @@ --- -- name: Get latest Wazuh release - become: false - shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-" - register: wazuh_latest_release - delegate_to: localhost +- include_vars: ../../vars/repo_vars.yml - include_vars: ../../vars/repo.yml - when: "wazuh_latest_release.stdout is version(wazuh_agent_version, operator='ge')" + when: packages_repository == 'production' -- include_vars: ../../vars/repo_dev.yml - when: "wazuh_latest_release.stdout is version(wazuh_agent_version, operator='lt')" +- include_vars: ../../vars/repo_pre-release.yml + when: packages_repository == 'pre-release' + +- include_vars: ../../vars/repo_staging.yml + when: packages_repository == 'staging' - name: Overlay wazuh_agent_config on top of defaults set_fact: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index e27784ca..57ee132d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -9,15 +9,16 @@ - curl state: present -- name: Get latest wazuh release - shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-" - register: wazuh_latest_release +- include_vars: ../../vars/repo_vars.yml - include_vars: ../../vars/repo.yml - when: "wazuh_latest_release.stdout is version(wazuh_manager_version, operator='ge')" + when: packages_repository == 'production' -- include_vars: ../../vars/repo_dev.yml - when: "wazuh_latest_release.stdout is version(wazuh_manager_version, operator='lt')" +- include_vars: ../../vars/repo_pre-release.yml + when: packages_repository == 'pre-release' + +- include_vars: ../../vars/repo_staging.yml + when: packages_repository == 'staging' - name: Overlay wazuh_manager_config on top of defaults set_fact: diff --git a/roles/wazuh/check-packages/defaults/main.yml b/roles/wazuh/check-packages/defaults/main.yml new file mode 100644 index 00000000..e4a9fa3b --- /dev/null +++ b/roles/wazuh/check-packages/defaults/main.yml @@ -0,0 +1,2 @@ +--- +wazuh_version: 4.3.9 \ No newline at end of file diff --git a/packages_uri.txt b/roles/wazuh/check-packages/files/packages_uri.txt similarity index 52% rename from packages_uri.txt rename to roles/wazuh/check-packages/files/packages_uri.txt index 94204cb6..51a3043a 100644 --- a/packages_uri.txt +++ b/roles/wazuh/check-packages/files/packages_uri.txt @@ -1,7 +1,7 @@ yum/wazuh-manager-VERSION-1.x86_64.rpm yum/filebeat-oss-7.10.2-x86_64.rpm yum/wazuh-dashboard-VERSION-1.x86_64.rpm -yum/wazuh-indexer-VERSION-1.x86_64.rp -apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_ppc64el.deb +yum/wazuh-indexer-VERSION-1.x86_64.rpm +apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_amd64.deb windows/wazuh-agent-VERSION-1.msi -yum/wazuh-agent-VERSION-1.x86_64.rpm +yum/wazuh-agent-VERSION-1.x86_64.rpm \ No newline at end of file diff --git a/check_packages.sh b/roles/wazuh/check-packages/scripts/check_packages.sh similarity index 78% rename from check_packages.sh rename to roles/wazuh/check-packages/scripts/check_packages.sh index 903399b6..05b8ca40 100755 --- a/check_packages.sh +++ b/roles/wazuh/check-packages/scripts/check_packages.sh @@ -3,7 +3,7 @@ VERSION=$1 #echo $VERSION ## Replace VERSION with $VERSION in packages_uri.txt and save it as packages_uri_new.txt -sed 's,VERSION,'$VERSION',g' packages_uri.txt > packages_uri_new.txt +sed 's,VERSION,'$VERSION',g' ../files/packages_uri.txt > ../files/packages_uri_new.txt checkPackages(){ ## Set S3 Bucket URL @@ -21,7 +21,7 @@ checkPackages(){ ## Loop through the packages_uri_new.txt file while IFS= read -r URI do - #echo "$URI" + echo "$URI" ## Check if the package exists PACKAGE=$(curl --silent -I $PACKAGES_URL$URI | grep -E "^HTTP" | awk '{print $2}') ## If it does not exist set EXISTS to 1 (false) @@ -30,20 +30,28 @@ checkPackages(){ #echo $PACKAGES_URL$URI "does not exist" return $EXISTS fi - done < packages_uri_new.txt + done < ../files/packages_uri_new.txt return $EXISTS } +replaceVars(){ + sed -i "s|packages_repository:.*|packages_repository: $1|g" ../../vars/repo_vars.yml + +} + ## Call the checkPackages function for each repository if checkPackages "production"; then echo "production" + replaceVars "production" exit 0 elif checkPackages "pre-release"; then echo "pre-release" + replaceVars "pre-release" exit 0 elif checkPackages "staging"; then echo "staging" + replaceVars "staging" exit 0 else echo "Failed" diff --git a/roles/wazuh/check-packages/tasks/main.yml b/roles/wazuh/check-packages/tasks/main.yml new file mode 100644 index 00000000..bbee623b --- /dev/null +++ b/roles/wazuh/check-packages/tasks/main.yml @@ -0,0 +1,11 @@ +--- + - name: Check packages + shell: | + ./check_packages.sh {{ wazuh_version }} + args: + warn: false + executable: /bin/bash + chdir: "{{ role_path }}/scripts/" + delegate_to: localhost + become: no + diff --git a/roles/wazuh/vars/repo_dev.yml b/roles/wazuh/vars/repo_pre-release.yml similarity index 100% rename from roles/wazuh/vars/repo_dev.yml rename to roles/wazuh/vars/repo_pre-release.yml diff --git a/roles/wazuh/vars/repo_staging.yml b/roles/wazuh/vars/repo_staging.yml new file mode 100644 index 00000000..2c2b4966 --- /dev/null +++ b/roles/wazuh/vars/repo_staging.yml @@ -0,0 +1,12 @@ +wazuh_repo: + apt: 'deb https://packages-dev.wazuh.com/staging/apt/ unstable main' + yum: 'https://packages-dev.wazuh.com/staging/yum/' + gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' + key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' +wazuh_winagent_config_url: "https://packages-dev.wazuh.com/staging/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" +wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" + +certs_gen_tool_version: 4.4 + +# Url of certificates generator tool +certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" \ No newline at end of file diff --git a/roles/wazuh/vars/repo_vars.yml b/roles/wazuh/vars/repo_vars.yml new file mode 100644 index 00000000..53157764 --- /dev/null +++ b/roles/wazuh/vars/repo_vars.yml @@ -0,0 +1 @@ +packages_repository: production \ No newline at end of file diff --git a/roles/wazuh/wazuh-dashboard/tasks/main.yml b/roles/wazuh/wazuh-dashboard/tasks/main.yml index 44bcaa1c..3f3fa665 100755 --- a/roles/wazuh/wazuh-dashboard/tasks/main.yml +++ b/roles/wazuh/wazuh-dashboard/tasks/main.yml @@ -1,13 +1,14 @@ --- -- name: Get latest wazuh release - shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-" - register: wazuh_latest_release +- include_vars: ../../vars/repo_vars.yml - include_vars: ../../vars/repo.yml - when: "wazuh_latest_release.stdout is version(dashboard_version, operator='ge')" + when: packages_repository == 'production' -- include_vars: ../../vars/repo_dev.yml - when: "wazuh_latest_release.stdout is version(dashboard_version, operator='lt')" +- include_vars: ../../vars/repo_pre-release.yml + when: packages_repository == 'pre-release' + +- include_vars: ../../vars/repo_staging.yml + when: packages_repository == 'staging' - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' diff --git a/roles/wazuh/wazuh-indexer/tasks/main.yml b/roles/wazuh/wazuh-indexer/tasks/main.yml index f3afe7f8..48034ae6 100644 --- a/roles/wazuh/wazuh-indexer/tasks/main.yml +++ b/roles/wazuh/wazuh-indexer/tasks/main.yml @@ -1,13 +1,14 @@ --- -- name: Get latest wazuh release - shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-" - register: wazuh_latest_release +- include_vars: ../../vars/repo_vars.yml - include_vars: ../../vars/repo.yml - when: "wazuh_latest_release.stdout is version(indexer_version, operator='ge')" + when: packages_repository == 'production' -- include_vars: ../../vars/repo_dev.yml - when: "wazuh_latest_release.stdout is version(indexer_version, operator='lt')" +- include_vars: ../../vars/repo_pre-release.yml + when: packages_repository == 'pre-release' + +- include_vars: ../../vars/repo_staging.yml + when: packages_repository == 'staging' - import_tasks: local_actions.yml when: From 3144ac1817361f135c9cdc65556c1478fa2c7723 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 2 Nov 2022 14:46:29 -0300 Subject: [PATCH 06/19] Test pre-release --- roles/wazuh/check-packages/scripts/check_packages.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/check-packages/scripts/check_packages.sh b/roles/wazuh/check-packages/scripts/check_packages.sh index 05b8ca40..f41147c9 100755 --- a/roles/wazuh/check-packages/scripts/check_packages.sh +++ b/roles/wazuh/check-packages/scripts/check_packages.sh @@ -41,14 +41,14 @@ replaceVars(){ } ## Call the checkPackages function for each repository -if checkPackages "production"; then - echo "production" - replaceVars "production" - exit 0 -elif checkPackages "pre-release"; then +if checkPackages "pre-release"; then echo "pre-release" replaceVars "pre-release" exit 0 +elif checkPackages "production"; then + echo "production" + replaceVars "production" + exit 0 elif checkPackages "staging"; then echo "staging" replaceVars "staging" From 3924b0844917b46d7d8e7aee72c92390bfa39639 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 2 Nov 2022 15:16:12 -0300 Subject: [PATCH 07/19] CI tests updated --- molecule/default/converge.yml | 6 ++++++ molecule/distributed-wazuh/converge.yml | 11 ++++++----- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 62c15859..b6f7f2db 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -15,6 +15,12 @@ - name: ConvergeInstall hosts: all roles: + # 1. Check packages + - role: ../../roles/wazuh/check-packages + become: no + delegate_to: localhost + when: "inventory_hostname in {{ groups['indexer'] | first }}" + # 2. Managers - role: ../../roles/wazuh/ansible-wazuh-manager vars: - { role: ../../roles/wazuh/ansible-filebeat-oss, filebeat_output_indexer_hosts: "indexer_centos7:9200" } diff --git a/molecule/distributed-wazuh/converge.yml b/molecule/distributed-wazuh/converge.yml index 3fd4169a..44f0db53 100644 --- a/molecule/distributed-wazuh/converge.yml +++ b/molecule/distributed-wazuh/converge.yml @@ -83,24 +83,25 @@ - role: ../../roles/wazuh/check-packages become: no delegate_to: localhost - # 1. Wazuh indexer + when: "inventory_hostname in {{ groups['indexer'] | first }}" + # 2. Wazuh indexer - role: ../../roles/wazuh/wazuh-indexer when: inventory_hostname in groups['indexer'] - # 2. Managers + # 3. Managers - role: ../../roles/wazuh/ansible-wazuh-manager when: inventory_hostname in groups['managers'] - role: ../../roles/wazuh/ansible-filebeat-oss when: inventory_hostname in groups['managers'] - # 3. Wazuh dashboard + # 4. Wazuh dashboard - role: ../../roles/wazuh/wazuh-dashboard when: inventory_hostname in groups['dashboard'] - # 4. Agents: + # 5. Agents: - role: ../../roles/wazuh/ansible-wazuh-agent vars: wazuh_managers: '{{ wazuh_managers_list }}' when: inventory_hostname in groups['agents'] vars: - instances: + instances: node1: name: wazuh-es01 # Important: must be equal to indexer_node_name. ip: "{{ hostvars.molecule_wazuh_indexer_centos7.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. From f64534f5cae759a79774e45fa83608016b972afc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 2 Nov 2022 15:25:46 -0300 Subject: [PATCH 08/19] Check packages run_once --- molecule/default/converge.yml | 3 ++- molecule/distributed-wazuh/converge.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index b6f7f2db..31688a6c 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -19,7 +19,8 @@ - role: ../../roles/wazuh/check-packages become: no delegate_to: localhost - when: "inventory_hostname in {{ groups['indexer'] | first }}" + when: inventory_hostname in groups['indexer'][0] + run_once: true # 2. Managers - role: ../../roles/wazuh/ansible-wazuh-manager vars: diff --git a/molecule/distributed-wazuh/converge.yml b/molecule/distributed-wazuh/converge.yml index 44f0db53..76dc91a7 100644 --- a/molecule/distributed-wazuh/converge.yml +++ b/molecule/distributed-wazuh/converge.yml @@ -83,7 +83,8 @@ - role: ../../roles/wazuh/check-packages become: no delegate_to: localhost - when: "inventory_hostname in {{ groups['indexer'] | first }}" + when: inventory_hostname in groups['indexer'][0] + run_once: true # 2. Wazuh indexer - role: ../../roles/wazuh/wazuh-indexer when: inventory_hostname in groups['indexer'] From 5974e96f92db9a4fb364ce309f3b5fcf164d6c27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 2 Nov 2022 15:34:52 -0300 Subject: [PATCH 09/19] Default test updated --- molecule/default/converge.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 31688a6c..4f3df092 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -19,7 +19,7 @@ - role: ../../roles/wazuh/check-packages become: no delegate_to: localhost - when: inventory_hostname in groups['indexer'][0] + when: inventory_hostname in groups['managers'][0] run_once: true # 2. Managers - role: ../../roles/wazuh/ansible-wazuh-manager From adb9ec35ddf8bc17d592882b9b195f4b756a84cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 2 Nov 2022 16:03:47 -0300 Subject: [PATCH 10/19] Default test updated --- molecule/default/converge.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 4f3df092..17a84ecd 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -19,7 +19,6 @@ - role: ../../roles/wazuh/check-packages become: no delegate_to: localhost - when: inventory_hostname in groups['managers'][0] run_once: true # 2. Managers - role: ../../roles/wazuh/ansible-wazuh-manager From 496b8bb7b4b71f1ee76b95a0436e4db5fb69d91a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 2 Nov 2022 16:24:09 -0300 Subject: [PATCH 11/19] Distributed test updated --- molecule/distributed-wazuh/converge.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/molecule/distributed-wazuh/converge.yml b/molecule/distributed-wazuh/converge.yml index 76dc91a7..6ed457fd 100644 --- a/molecule/distributed-wazuh/converge.yml +++ b/molecule/distributed-wazuh/converge.yml @@ -83,7 +83,6 @@ - role: ../../roles/wazuh/check-packages become: no delegate_to: localhost - when: inventory_hostname in groups['indexer'][0] run_once: true # 2. Wazuh indexer - role: ../../roles/wazuh/wazuh-indexer From d42d9aee04861f003d07104dcc84049e0286e7da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 3 Nov 2022 16:36:24 -0300 Subject: [PATCH 12/19] Packages uri file updated --- roles/wazuh/check-packages/files/packages_uri.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/check-packages/files/packages_uri.txt b/roles/wazuh/check-packages/files/packages_uri.txt index 51a3043a..6254f52c 100644 --- a/roles/wazuh/check-packages/files/packages_uri.txt +++ b/roles/wazuh/check-packages/files/packages_uri.txt @@ -1,5 +1,5 @@ yum/wazuh-manager-VERSION-1.x86_64.rpm -yum/filebeat-oss-7.10.2-x86_64.rpm +apt/pool/main/w/wazuh-manager/wazuh-manager_4.3.9-1_arm64.deb yum/wazuh-dashboard-VERSION-1.x86_64.rpm yum/wazuh-indexer-VERSION-1.x86_64.rpm apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_amd64.deb From 9ae63811e622cb800b0f08fa00a97d6c1f1d01a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 3 Nov 2022 17:19:58 -0300 Subject: [PATCH 13/19] Packages repository check test changes reverted --- roles/wazuh/check-packages/scripts/check_packages.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/check-packages/scripts/check_packages.sh b/roles/wazuh/check-packages/scripts/check_packages.sh index f41147c9..da72cfcd 100755 --- a/roles/wazuh/check-packages/scripts/check_packages.sh +++ b/roles/wazuh/check-packages/scripts/check_packages.sh @@ -41,7 +41,11 @@ replaceVars(){ } ## Call the checkPackages function for each repository -if checkPackages "pre-release"; then +if checkPackages "production"; then + echo "production" + replaceVars "production" + exit 0 +elif checkPackages "pre-release"; then echo "pre-release" replaceVars "pre-release" exit 0 From a0298025d8d94ccd8a3aaabc37dc090aa6446a26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 4 Nov 2022 10:19:07 -0300 Subject: [PATCH 14/19] Packages URI fixed --- roles/wazuh/check-packages/files/packages_uri.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/check-packages/files/packages_uri.txt b/roles/wazuh/check-packages/files/packages_uri.txt index 6254f52c..df1addd3 100644 --- a/roles/wazuh/check-packages/files/packages_uri.txt +++ b/roles/wazuh/check-packages/files/packages_uri.txt @@ -1,5 +1,5 @@ yum/wazuh-manager-VERSION-1.x86_64.rpm -apt/pool/main/w/wazuh-manager/wazuh-manager_4.3.9-1_arm64.deb +apt/pool/main/w/wazuh-manager/wazuh-manager_VERSION-1_arm64.deb yum/wazuh-dashboard-VERSION-1.x86_64.rpm yum/wazuh-indexer-VERSION-1.x86_64.rpm apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_amd64.deb From 71c46e9a0d54e9e57d6725c8d5178102c1c74b5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 4 Nov 2022 11:05:21 -0300 Subject: [PATCH 15/19] Packages typo fixed --- roles/wazuh/check-packages/files/packages_uri.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/check-packages/files/packages_uri.txt b/roles/wazuh/check-packages/files/packages_uri.txt index df1addd3..79047824 100644 --- a/roles/wazuh/check-packages/files/packages_uri.txt +++ b/roles/wazuh/check-packages/files/packages_uri.txt @@ -1,5 +1,5 @@ yum/wazuh-manager-VERSION-1.x86_64.rpm -apt/pool/main/w/wazuh-manager/wazuh-manager_VERSION-1_arm64.deb +apt/pool/main/w/wazuh-manager/wazuh-manager_VERSION-1_amd64.deb yum/wazuh-dashboard-VERSION-1.x86_64.rpm yum/wazuh-indexer-VERSION-1.x86_64.rpm apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_amd64.deb From b8016813270fb062918d985cc1046bb0aa67627b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 4 Nov 2022 14:42:24 -0300 Subject: [PATCH 16/19] Windows agent URI removed --- roles/wazuh/check-packages/files/packages_uri.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/wazuh/check-packages/files/packages_uri.txt b/roles/wazuh/check-packages/files/packages_uri.txt index 79047824..bd59e004 100644 --- a/roles/wazuh/check-packages/files/packages_uri.txt +++ b/roles/wazuh/check-packages/files/packages_uri.txt @@ -3,5 +3,4 @@ apt/pool/main/w/wazuh-manager/wazuh-manager_VERSION-1_amd64.deb yum/wazuh-dashboard-VERSION-1.x86_64.rpm yum/wazuh-indexer-VERSION-1.x86_64.rpm apt/pool/main/w/wazuh-agent/wazuh-agent_VERSION-1_amd64.deb -windows/wazuh-agent-VERSION-1.msi yum/wazuh-agent-VERSION-1.x86_64.rpm \ No newline at end of file From 6e646748fb24b44a8da52900b5862a410a0c63ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 4 Nov 2022 15:18:57 -0300 Subject: [PATCH 17/19] Staging Windows agent package URI logic updated --- .../wazuh/check-packages/scripts/check_packages.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/roles/wazuh/check-packages/scripts/check_packages.sh b/roles/wazuh/check-packages/scripts/check_packages.sh index da72cfcd..aeb28050 100755 --- a/roles/wazuh/check-packages/scripts/check_packages.sh +++ b/roles/wazuh/check-packages/scripts/check_packages.sh @@ -8,11 +8,25 @@ sed 's,VERSION,'$VERSION',g' ../files/packages_uri.txt > ../files/packages_uri_n checkPackages(){ ## Set S3 Bucket URL if [ $1 == "production" ]; then + echo "production" PACKAGES_URL=https://packages.wazuh.com/4.x/ elif [ $1 == "pre-release" ]; then + echo "pre-release" PACKAGES_URL=https://packages-dev.wazuh.com/pre-release/ elif [ $1 == "staging" ]; then + echo "staging" PACKAGES_URL=https://packages-dev.wazuh.com/staging/ + CHECK_WIN_PACKAGE=$(grep windows ../files/packages_uri_new.txt) + echo $CHECK_WIN_PACKAGE + if [ -n "$CHECK_WIN_PACKAGE" ]; then + WIN_AGENT_URI="windows/"$(aws s3 ls s3://packages-dev.wazuh.com/staging/windows/wazuh-agent-$VERSION --region=us-west-1 | tail -1 | awk '{printf $4}') + if [ $WIN_AGENT_URI == "windows/" ]; then + echo "Windows agent package for version " $VERSION " does not exist in the staging repository" + exit 1 + fi + fi + echo $WIN_AGENT_URI "check" + sed -i 's,windows/.*,'$WIN_AGENT_URI',g' ../files/packages_uri_new.txt fi ## Set EXISTS to 0 (true) From a7c4f3ea7e6b4a1c6f7346458661c2e133284f5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 4 Nov 2022 15:45:20 -0300 Subject: [PATCH 18/19] Commands to replace the Windows agent vars in repo_vars.yml --- roles/wazuh/check-packages/scripts/check_packages.sh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/check-packages/scripts/check_packages.sh b/roles/wazuh/check-packages/scripts/check_packages.sh index aeb28050..20c62047 100755 --- a/roles/wazuh/check-packages/scripts/check_packages.sh +++ b/roles/wazuh/check-packages/scripts/check_packages.sh @@ -19,14 +19,17 @@ checkPackages(){ CHECK_WIN_PACKAGE=$(grep windows ../files/packages_uri_new.txt) echo $CHECK_WIN_PACKAGE if [ -n "$CHECK_WIN_PACKAGE" ]; then - WIN_AGENT_URI="windows/"$(aws s3 ls s3://packages-dev.wazuh.com/staging/windows/wazuh-agent-$VERSION --region=us-west-1 | tail -1 | awk '{printf $4}') - if [ $WIN_AGENT_URI == "windows/" ]; then + WIN_AGENT_NAME=$(aws s3 ls s3://packages-dev.wazuh.com/staging/windows/wazuh-agent-$VERSION --region=us-west-1 | tail -1 | awk '{printf $4}') + if [ -z $WIN_AGENT_NAME ]; then echo "Windows agent package for version " $VERSION " does not exist in the staging repository" exit 1 fi + WIN_AGENT_URI="windows/"$WIN_AGENT_NAME + echo $PACKAGES_URL$WIN_AGENT_URI "check" + sed -i 's,windows/.*,'$WIN_AGENT_URI',g' ../files/packages_uri_new.txt + sed -i 's,wazuh_winagent_config_url.*,wazuh_winagent_config_url: \"'$PACKAGES_URL$WIN_AGENT_URI'\",g' ../../vars/repo_staging.yml + sed -i 's,wazuh_winagent_package_name.*,wazuh_winagent_package_name: \"'$WIN_AGENT_NAME'\",g' ../../vars/repo_staging.yml fi - echo $WIN_AGENT_URI "check" - sed -i 's,windows/.*,'$WIN_AGENT_URI',g' ../files/packages_uri_new.txt fi ## Set EXISTS to 0 (true) From 21317b449b339dd490b2345b6cf9502b4aadb87c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Mon, 7 Nov 2022 11:21:27 -0300 Subject: [PATCH 19/19] Wazuh version updated --- roles/wazuh/check-packages/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/check-packages/defaults/main.yml b/roles/wazuh/check-packages/defaults/main.yml index e4a9fa3b..78e08132 100644 --- a/roles/wazuh/check-packages/defaults/main.yml +++ b/roles/wazuh/check-packages/defaults/main.yml @@ -1,2 +1,2 @@ --- -wazuh_version: 4.3.9 \ No newline at end of file +wazuh_version: 4.4.0 \ No newline at end of file