DTT1 - 4.8.0 adaptation

[rauldpm]

Description

DTT1 started its development at an early stage of 4.8.0, because it was not stable enough and there are no 4.9.0 packages, development has been done with 4.7.x packages

It is necessary to adapt the DTT1 packages to 4.8.0 to incorporate the latest functionalities and improvements, such as the connection between the Wazuh manager and the Wazuh indexer.

As 4.9.0 does not present hard changes since 4.8.0 (speaking about configuration changes), the 4.8.0 adaptation should work with 4.9.0 packages too, but, to be sure, consider the following to test 4.9.0 packages, as they are not present in pre-release and they are on an early development stage

• Generate 4.9.0 packages using the QA tools (in development)
• Move the 4.9.0 packages to the packages-dev.wazuh.com/staging repository
• Regenerate the RPM,RPM5,APT repository metadata using the old Packages_builder pipeline (create a 4.7.4 package for each system)
• Modify the DTT1 code to use staging instead of pre-release (note: the Wazuh installation assistant should be adapted too)

Related

• Deployability testing tier 1 #4495
• Main Branch: 4495-dtt1-release

Tasks

• Adapt DTT1 to 4.8.0 features
• Desired: Test 4.9.0 packages

[fcaffieri]

Update report

Test agente Fails 🔴

root@ubuntu-jammy:/home/vagrant# bash ./wazuh-install.sh -a -i -v
24/05/2024 13:41:01 DEBUG: Checking root permissions.
24/05/2024 13:41:01 DEBUG: Checking sudo package.
24/05/2024 13:41:01 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
24/05/2024 13:41:01 INFO: Verbose logging redirected to /var/log/wazuh-install.log
24/05/2024 13:41:01 DEBUG: APT package manager will be used.
24/05/2024 13:41:01 DEBUG: Checking system distribution.
24/05/2024 13:41:01 DEBUG: Detected distribution name: ubuntu
24/05/2024 13:41:01 DEBUG: Detected distribution version: 22
24/05/2024 13:41:01 DEBUG: Checking Wazuh installation.
24/05/2024 13:41:04 DEBUG: Checking system architecture.
24/05/2024 13:41:04 WARNING: Hardware and system checks ignored.
24/05/2024 13:41:04 DEBUG: Installing check dependencies.
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Get:2 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]
Hit:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Get:5 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [1075 kB]
Fetched 1304 kB in 2s (525 kB/s)
Reading package lists...
24/05/2024 13:41:11 INFO: Wazuh web interface port will be 443.
24/05/2024 13:41:11 DEBUG: Checking ports availability.
24/05/2024 13:41:11 DEBUG: Installing prerequisites dependencies.
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Reading package lists...
24/05/2024 13:41:15 DEBUG: Checking curl tool version.
24/05/2024 13:41:15 DEBUG: Adding the Wazuh repository.
gpg: keyring '/usr/share/keyrings/wazuh.gpg' created
gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main
Hit:1 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:2 http://archive.ubuntu.com/ubuntu jammy InRelease
Hit:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Get:5 https://packages-dev.wazuh.com/pre-release/apt unstable InRelease [9585 B]
Fetched 9585 B in 6s (1567 B/s)
Reading package lists...
24/05/2024 13:41:23 INFO: Wazuh development repository added.
24/05/2024 13:41:23 INFO: --- Configuration files ---
24/05/2024 13:41:23 INFO: Generating configuration files.
24/05/2024 13:41:23 DEBUG: Creating Wazuh certificates.
24/05/2024 13:41:23 DEBUG: Reading configuration file.
24/05/2024 13:41:23 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 13:41:23 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 13:41:23 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 13:41:23 INFO: Generating the root certificate.
24/05/2024 13:41:24 INFO: Generating Admin certificates.
24/05/2024 13:41:24 DEBUG: Generating Admin private key.
24/05/2024 13:41:24 DEBUG: Converting Admin private key to PKCS8 format.
24/05/2024 13:41:24 DEBUG: Generating Admin CSR.
24/05/2024 13:41:24 DEBUG: Creating Admin certificate.
24/05/2024 13:41:24 INFO: Generating Wazuh indexer certificates.
24/05/2024 13:41:24 DEBUG: Creating the certificates for wazuh-indexer indexer node.
24/05/2024 13:41:24 DEBUG: Generating certificate configuration.
24/05/2024 13:41:24 DEBUG: Creating the Wazuh indexer tmp key pair.
24/05/2024 13:41:24 DEBUG: Creating the Wazuh indexer certificates.
24/05/2024 13:41:24 INFO: Generating Filebeat certificates.
24/05/2024 13:41:24 DEBUG: Generating the certificates for wazuh-server server node.
24/05/2024 13:41:24 DEBUG: Generating certificate configuration.
24/05/2024 13:41:24 DEBUG: Creating the Wazuh server tmp key pair.
24/05/2024 13:41:24 DEBUG: Creating the Wazuh server certificates.
24/05/2024 13:41:24 INFO: Generating Wazuh dashboard certificates.
24/05/2024 13:41:24 DEBUG: Generating certificate configuration.
24/05/2024 13:41:24 DEBUG: Creating the Wazuh dashboard tmp key pair.
24/05/2024 13:41:24 DEBUG: Creating the Wazuh dashboard certificates.
24/05/2024 13:41:24 DEBUG: Cleaning certificate files.
24/05/2024 13:41:24 DEBUG: Generating password file.
24/05/2024 13:41:24 DEBUG: Generating random passwords.
24/05/2024 13:41:25 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
24/05/2024 13:41:25 DEBUG: Extracting Wazuh configuration.
24/05/2024 13:41:25 DEBUG: Reading configuration file.
24/05/2024 13:41:25 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 13:41:25 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 13:41:25 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 13:41:25 INFO: --- Wazuh indexer ---
24/05/2024 13:41:25 INFO: Starting Wazuh indexer installation.
Reading package lists... Building dependency tree... Reading state information... E: Unable to locate package wazuh-indexer
24/05/2024 13:41:25 DEBUG: Checking Wazuh installation.
24/05/2024 13:41:26 ERROR: Wazuh indexer installation failed.
24/05/2024 13:41:26 INFO: --- Removing existing Wazuh installation ---
24/05/2024 13:41:26 DEBUG: Removing GPG key from system.
24/05/2024 13:41:27 INFO: Installation cleaned. Check the /var/log/wazuh-install.log file to learn more about the issue.

Test agente passed uploading de Wazuh indexer package 🟢

root@ubuntu-jammy:/home/vagrant# bash ./wazuh-install.sh -a -i -v
24/05/2024 14:15:49 DEBUG: Checking root permissions.
24/05/2024 14:15:49 DEBUG: Checking sudo package.
24/05/2024 14:15:49 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
24/05/2024 14:15:49 INFO: Verbose logging redirected to /var/log/wazuh-install.log
24/05/2024 14:15:49 DEBUG: APT package manager will be used.
24/05/2024 14:15:49 DEBUG: Checking system distribution.
24/05/2024 14:15:49 DEBUG: Detected distribution name: ubuntu
24/05/2024 14:15:49 DEBUG: Detected distribution version: 22
24/05/2024 14:15:49 DEBUG: Checking Wazuh installation.
24/05/2024 14:15:52 DEBUG: Checking system architecture.
24/05/2024 14:15:52 WARNING: Hardware and system checks ignored.
24/05/2024 14:15:52 DEBUG: Installing check dependencies.
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Reading package lists...
24/05/2024 14:15:57 INFO: Wazuh web interface port will be 443.
24/05/2024 14:15:57 DEBUG: Checking ports availability.
24/05/2024 14:15:58 DEBUG: Installing prerequisites dependencies.
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu jammy-security InRelease
Reading package lists...
24/05/2024 14:16:01 DEBUG: Checking curl tool version.
24/05/2024 14:16:01 DEBUG: Adding the Wazuh repository.
gpg: keyring '/usr/share/keyrings/wazuh.gpg' created
gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Get:5 https://packages-dev.wazuh.com/pre-release/apt unstable InRelease [17.3 kB]
Get:6 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 Packages [38.4 kB]
Fetched 55.7 kB in 2s (23.8 kB/s)
Reading package lists...
24/05/2024 14:16:09 INFO: Wazuh development repository added.
24/05/2024 14:16:09 INFO: --- Configuration files ---
24/05/2024 14:16:09 INFO: Generating configuration files.
24/05/2024 14:16:09 DEBUG: Creating Wazuh certificates.
24/05/2024 14:16:09 DEBUG: Reading configuration file.
24/05/2024 14:16:09 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 14:16:09 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 14:16:09 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 14:16:09 INFO: Generating the root certificate.
24/05/2024 14:16:09 INFO: Generating Admin certificates.
24/05/2024 14:16:09 DEBUG: Generating Admin private key.
24/05/2024 14:16:10 DEBUG: Converting Admin private key to PKCS8 format.
24/05/2024 14:16:10 DEBUG: Generating Admin CSR.
24/05/2024 14:16:10 DEBUG: Creating Admin certificate.
24/05/2024 14:16:10 INFO: Generating Wazuh indexer certificates.
24/05/2024 14:16:10 DEBUG: Creating the certificates for wazuh-indexer indexer node.
24/05/2024 14:16:10 DEBUG: Generating certificate configuration.
24/05/2024 14:16:10 DEBUG: Creating the Wazuh indexer tmp key pair.
24/05/2024 14:16:10 DEBUG: Creating the Wazuh indexer certificates.
24/05/2024 14:16:10 INFO: Generating Filebeat certificates.
24/05/2024 14:16:10 DEBUG: Generating the certificates for wazuh-server server node.
24/05/2024 14:16:10 DEBUG: Generating certificate configuration.
24/05/2024 14:16:10 DEBUG: Creating the Wazuh server tmp key pair.
24/05/2024 14:16:10 DEBUG: Creating the Wazuh server certificates.
24/05/2024 14:16:10 INFO: Generating Wazuh dashboard certificates.
24/05/2024 14:16:10 DEBUG: Generating certificate configuration.
24/05/2024 14:16:10 DEBUG: Creating the Wazuh dashboard tmp key pair.
24/05/2024 14:16:10 DEBUG: Creating the Wazuh dashboard certificates.
24/05/2024 14:16:10 DEBUG: Cleaning certificate files.
24/05/2024 14:16:10 DEBUG: Generating password file.
24/05/2024 14:16:10 DEBUG: Generating random passwords.
24/05/2024 14:16:10 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
24/05/2024 14:16:10 DEBUG: Extracting Wazuh configuration.
24/05/2024 14:16:10 DEBUG: Reading configuration file.
24/05/2024 14:16:11 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 14:16:11 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 14:16:11 DEBUG: Checking if 127.0.0.1 is private.
24/05/2024 14:16:11 INFO: --- Wazuh indexer ---
24/05/2024 14:16:11 INFO: Starting Wazuh indexer installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: wazuh-indexer 0 upgraded, 1 newly installed, 0 to remove and 89 not upgraded. Need to get 759 MB of archives. After this operation, 1050 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/pre-rele NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-92-generic NEEDRESTART-KEXP: 5.15.0-92-generic NEEDRESTART-KSTA: 1iously unselected package wazuh-indexer.
24/05/2024 14:17:39 DEBUG: Checking Wazuh installation.
24/05/2024 14:17:40 DEBUG: There are Wazuh indexer remaining files.
24/05/2024 14:17:41 INFO: Wazuh indexer installation finished.
24/05/2024 14:17:41 DEBUG: Configuring Wazuh indexer.
24/05/2024 14:17:41 DEBUG: Copying Wazuh indexer certificates.
24/05/2024 14:17:41 INFO: Wazuh indexer post-install configuration finished.
24/05/2024 14:17:41 INFO: Starting service wazuh-indexer.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service → /lib/systemd/system/wazuh-indexer.service.
24/05/2024 14:17:55 INFO: wazuh-indexer service started.
24/05/2024 14:17:55 INFO: Initializing Wazuh indexer cluster security settings.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml 
   SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml 
   SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml 
   SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml 
   SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml 
   SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml 
   SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml 
   SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml 
   SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml 
   SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml 
   SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
24/05/2024 14:18:06 INFO: Wazuh indexer cluster security configuration initialized.
24/05/2024 14:18:06 INFO: Wazuh indexer cluster initialized.
24/05/2024 14:18:06 INFO: --- Wazuh server ---
24/05/2024 14:18:06 INFO: Starting the Wazuh manager installation.
Reading package lists... Building dependency tree... Reading state information... Suggested packages: expect The following NEW packages will be installed: wazuh-manager 0 upgraded, 1 newly installed, 0 to remove and 89 not upgraded. Need to get 317 MB of archives. After this operation, 917 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 wazuh-manager amd64 4.8.0-1 [317 MB] Fetched 317 MB in 19s (16.6 MB/s) Selecting previously unselected package wazuh-manag NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-92-generic NEEDRESTART-KEXP: 5.15.0-92-generic NEEDRESTART-KSTA: 1
24/05/2024 14:19:22 DEBUG: Checking Wazuh installation.
24/05/2024 14:19:22 DEBUG: There are Wazuh remaining files.
24/05/2024 14:19:23 DEBUG: There are Wazuh indexer remaining files.
24/05/2024 14:19:23 INFO: Wazuh manager installation finished.
24/05/2024 14:19:23 DEBUG: Configuring Wazuh manager.
24/05/2024 14:19:23 DEBUG: Setting provisional Wazuh indexer password.
24/05/2024 14:19:23 INFO: Wazuh manager vulnerability detection configuration finished.
24/05/2024 14:19:23 INFO: Starting service wazuh-manager.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service → /lib/systemd/system/wazuh-manager.service.
24/05/2024 14:19:39 INFO: wazuh-manager service started.
24/05/2024 14:19:39 INFO: Starting Filebeat installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: filebeat 0 upgraded, 1 newly installed, 0 to remove and 89 not upgraded. Need to get 22.1 MB of archives. After this operation, 73.6 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/pre-release/ NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-92-generic NEEDRESTART-KEXP: 5.15.0-92-generic NEEDRESTART-KSTA: 1selected package filebeat.
24/05/2024 14:19:50 DEBUG: Checking Wazuh installation.
24/05/2024 14:19:50 DEBUG: There are Wazuh remaining files.
24/05/2024 14:19:51 DEBUG: There are Wazuh indexer remaining files.
24/05/2024 14:19:51 DEBUG: There are Filebeat remaining files.
24/05/2024 14:19:51 INFO: Filebeat installation finished.
24/05/2024 14:19:51 DEBUG: Configuring Filebeat.
24/05/2024 14:19:52 DEBUG: Filebeat template was download successfully.
wazuh/
wazuh/_meta/
wazuh/_meta/docs.asciidoc
wazuh/_meta/fields.yml
wazuh/_meta/config.yml
wazuh/alerts/
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/module.yml
wazuh/archives/
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
24/05/2024 14:19:53 DEBUG: Filebeat module was downloaded successfully.
24/05/2024 14:19:53 DEBUG: Copying Filebeat certificates.
Created filebeat keystore
Successfully updated the keystore
Successfully updated the keystore
24/05/2024 14:19:53 INFO: Filebeat post-install configuration finished.
24/05/2024 14:19:53 INFO: Starting service filebeat.
Synchronizing state of filebeat.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable filebeat
Created symlink /etc/systemd/system/multi-user.target.wants/filebeat.service → /lib/systemd/system/filebeat.service.
24/05/2024 14:19:54 INFO: filebeat service started.
24/05/2024 14:19:54 INFO: --- Wazuh dashboard ---
24/05/2024 14:19:54 INFO: Starting Wazuh dashboard installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: wazuh-dashboard 0 upgraded, 1 newly installed, 0 to remove and 89 not upgraded. Need to get 186 MB of archives. After this operation, 998 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/pre-rel NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-92-generic NEEDRESTART-KEXP: 5.15.0-92-generic NEEDRESTART-KSTA: 1reviously unselected package wazuh-dashboard.
24/05/2024 14:21:11 DEBUG: Checking Wazuh installation.
24/05/2024 14:21:11 DEBUG: There are Wazuh remaining files.
24/05/2024 14:21:12 DEBUG: There are Wazuh indexer remaining files.
24/05/2024 14:21:12 DEBUG: There are Filebeat remaining files.
24/05/2024 14:21:12 DEBUG: There are Wazuh dashboard remaining files.
24/05/2024 14:21:12 INFO: Wazuh dashboard installation finished.
24/05/2024 14:21:12 DEBUG: Configuring Wazuh dashboard.
24/05/2024 14:21:12 DEBUG: Copying Wazuh dashboard certificates.
24/05/2024 14:21:12 DEBUG: Wazuh dashboard certificate setup finished.
24/05/2024 14:21:12 INFO: Wazuh dashboard post-install configuration finished.
24/05/2024 14:21:12 INFO: Starting service wazuh-dashboard.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service → /etc/systemd/system/wazuh-dashboard.service.
24/05/2024 14:21:13 INFO: wazuh-dashboard service started.
24/05/2024 14:21:13 DEBUG: Setting Wazuh indexer cluster passwords.
24/05/2024 14:21:13 DEBUG: Checking Wazuh installation.
24/05/2024 14:21:13 DEBUG: There are Wazuh remaining files.
24/05/2024 14:21:14 DEBUG: There are Wazuh indexer remaining files.
24/05/2024 14:21:14 DEBUG: There are Filebeat remaining files.
24/05/2024 14:21:14 DEBUG: There are Wazuh dashboard remaining files.
24/05/2024 14:21:14 INFO: Updating the internal users.
24/05/2024 14:21:14 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml 
   SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml 
   SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml 
   SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml 
   SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml 
   SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml 
   SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml 
   SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml 
   SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml 
   SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml 
   SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
24/05/2024 14:21:18 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
24/05/2024 14:21:18 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
24/05/2024 14:21:18 DEBUG: The internal users have been updated before changing the passwords.
24/05/2024 14:21:19 DEBUG: Generating password hashes.
24/05/2024 14:21:24 DEBUG: Password hashes generated.
24/05/2024 14:21:24 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml 
   SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml 
   SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml 
   SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml 
   SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml 
   SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml 
   SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml 
   SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml 
   SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml 
   SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml 
   SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
24/05/2024 14:21:26 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
Successfully updated the keystore
24/05/2024 14:21:26 DEBUG: Restarting filebeat service...
24/05/2024 14:21:27 DEBUG: filebeat started.
24/05/2024 14:21:27 DEBUG: Restarting wazuh-manager service...
24/05/2024 14:21:50 DEBUG: wazuh-manager started.
24/05/2024 14:21:51 DEBUG: Restarting wazuh-dashboard service...
24/05/2024 14:21:52 DEBUG: wazuh-dashboard started.
24/05/2024 14:21:52 DEBUG: Running security admin tool.
24/05/2024 14:21:52 DEBUG: Loading new passwords changes.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /home/vagrant
Force type: internalusers
Will update '/internalusers' with /etc/wazuh-indexer/backup/internal_users.yml 
   SUCC: Configuration for 'internalusers' created or updated
SUCC: Expected 1 config types for node {"updated_config_types":["internalusers"],"updated_config_size":1,"message":null} is 1 (["internalusers"]) due to: null
Done with success
24/05/2024 14:21:54 DEBUG: Passwords changed.
24/05/2024 14:21:54 DEBUG: Changing API passwords.
24/05/2024 14:22:01 INFO: Initializing Wazuh dashboard web application.
24/05/2024 14:22:02 INFO: Wazuh dashboard web application initialized.
24/05/2024 14:22:02 INFO: --- Summary ---
24/05/2024 14:22:02 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: 8*VvT2BGCue5M*7rMvWA4MBa?.9Zvoyp
24/05/2024 14:22:02 DEBUG: Restoring Wazuh repository.
24/05/2024 14:22:02 INFO: Installation finished.
root@ubuntu-jammy:/home/vagrant# 

---

Errors were also found in the Windows agents since they did not support creating certificates for 4.8.0 with the cert_tool.sh, which required updates.

---

Test with green status:

Linux Agent 🟢 :

Input yaml:

version: 0.1
description: This workflow is used to test agents deployment for DDT1 PoC
variables:
  agent-os:
    - linux-ubuntu-20.04-amd64

  manager-os: linux-ubuntu-22.04-amd64
  infra-provider: vagrant
  macos-infra-provider: vagrant
  working-dir: /tmp/dtt1-poc

tasks:
  # Unique manager allocate task
  - task: "allocate-manager-{manager-os}"
    description: "Allocate resources for the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: large
          - composite-name: "{manager-os}"
          - inventory-output: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"

  # Unique agent allocate task
  - task: "allocate-agent-{agent}"
    description: "Allocate resources for the agent."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: small
          - composite-name: "{agent}"
          - inventory-output: "{working-dir}/agent-{agent}/inventory.yaml"
          - track-output: "{working-dir}/agent-{agent}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    foreach:
      - variable: agent-os
        as: agent
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/agent-{agent}/track.yaml"

  # Unique manager provision task
  - task: "provision-manager-{manager-os}"
    description: "Provision the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/provision/main.py
          - inventory: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - install:
            - component: wazuh-manager
              type: assistant
              version: 4.8.0
              live: False
    depends-on:
      - "allocate-manager-{manager-os}"
    on-error: "abort-all"

  # Generic agent test task
  - task: "run-agent-{agent}-tests"
    description: "Run tests install for the agent {agent}."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-{manager-os}/inventory.yaml"
            - agent: "{working-dir}/agent-{agent}/inventory.yaml"
          - tests: "install,registration,basic_info"
          - component: "agent"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    foreach:
      - variable: agent-os
        as: agent
    depends-on:
      - "allocate-agent-{agent}"
      - "provision-manager-{manager-os}"

Result:

Agent linux 🟢 installing Wazuh manager:

Input yaml:

version: 0.1
description: This workflow is used to test agents deployment for DDT1 PoC
variables:
  agent-os:
    - linux-ubuntu-20.04-amd64

  manager-os: linux-ubuntu-22.04-amd64
  infra-provider: aws
  working-dir: /tmp/dtt1-poc

tasks:
  # Unique manager allocate task
  - task: "allocate-manager-{manager-os}"
    description: "Allocate resources for the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: large
          - composite-name: "{manager-os}"
          - inventory-output: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    #cleanup:
    #  this: process
    #  with:
    #    path: python3
    #    args:
    #      - modules/allocation/main.py
    #      - action: delete
    #      - track-output: "{working-dir}/manager-{manager-os}/track.yaml"

  # Unique agent allocate task
  - task: "allocate-agent-{agent}"
    description: "Allocate resources for the agent."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: small
          - composite-name: "{agent}"
          - inventory-output: "{working-dir}/agent-{agent}/inventory.yaml"
          - track-output: "{working-dir}/agent-{agent}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    foreach:
      - variable: agent-os
        as: agent
    #cleanup:
    #  this: process
    #  with:
    #    path: python3
    #    args:
    #      - modules/allocation/main.py
    #      - action: delete
    #      - track-output: "{working-dir}/agent-{agent}/track.yaml"

  # Generic agent test task
  - task: "run-agent-{agent}-tests"
    description: "Run tests install for the agent {agent}."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-{manager-os}/inventory.yaml"
            - agent: "{working-dir}/agent-{agent}/inventory.yaml"
          - tests: "install,registration,basic_info"
          - component: "agent"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    foreach:
      - variable: agent-os
        as: agent
    depends-on:
      - "allocate-agent-{agent}"
      - "allocate-manager-{manager-os}"

Result:

Test-agents-one-linux.log

Windows Agent 🟢 :

Input yaml:

version: 0.1
description: This workflow is used to test agents deployment for DDT1 PoC
variables:
  agent-os:
    - linux-ubuntu-20.04-amd64

  windows-agent-os:
    - windows-server-2022-amd64


  manager-os: linux-ubuntu-22.04-amd64
  infra-provider: aws
  macos-infra-provider: vagrant
  working-dir: /tmp/dtt1-poc

tasks:
  # Unique manager allocate task
  - task: "allocate-manager-{manager-os}"
    description: "Allocate resources for the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: large
          - composite-name: "{manager-os}"
          - inventory-output: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"

  # Unique agent allocate task
  - task: "allocate-agent-{agent}"
    description: "Allocate resources for the agent."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: small
          - composite-name: "{agent}"
          - inventory-output: "{working-dir}/agent-{agent}/inventory.yaml"
          - track-output: "{working-dir}/agent-{agent}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    foreach:
      - variable: agent-os
        as: agent
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/agent-{agent}/track.yaml"

  
  # Unique Windows agent allocate task
  - task: "allocate-windows-agent-{agent}"
    description: "Allocate resources for the agent."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: large
          - composite-name: "{agent}"
          - inventory-output: "{working-dir}/agent-{agent}/inventory.yaml"
          - track-output: "{working-dir}/agent-{agent}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    foreach:
      - variable: windows-agent-os
        as: agent
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/agent-{agent}/track.yaml"

  # Unique manager provision task
  - task: "provision-manager-{manager-os}"
    description: "Provision the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/provision/main.py
          - inventory: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - install:
            - component: wazuh-manager
              type: assistant
              version: 4.8.0
              live: False
    depends-on:
      - "allocate-manager-{manager-os}"
    on-error: "abort-all"

  # Generic agent test task
  - task: "run-agent-{agent}-tests"
    description: "Run tests install for the agent {agent}."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-{manager-os}/inventory.yaml"
            - agent: "{working-dir}/agent-{agent}/inventory.yaml"
          - tests: "install,registration,basic_info"
          - component: "agent"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    foreach:
      - variable: agent-os
        as: agent
    depends-on:
      - "allocate-agent-{agent}"
      - "provision-manager-{manager-os}"

  # Generic windows agent test task
  - task: "run-windows-agent-{agent}-tests"
    description: "Run tests install for the agent {agent}."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-{manager-os}/inventory.yaml"
            - agent: "{working-dir}/agent-{agent}/inventory.yaml"
          - tests: "install,registration,basic_info"
          - component: "agent"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    foreach:
      - variable: windows-agent-os
        as: agent
    depends-on:
      - "allocate-windows-agent-{agent}"
      - "provision-manager-{manager-os}"

Result:

Test-agents-one-each.log

macOS Agent 🔴 :

[0;31m launchctl list | grep com.wazuh.agent[0m
[0;31m command ##########[0m
[0;31m result ####################[0;31m result ####################[0;
[0;31m {'success': False, 'output': None}[0m
[0;31m [31m[2024-05-31 13:01:35] [ERROR] TESTER: agent-macos-sonoma-14-amd64 is not active by command[0m[0m
[0;31m FAILED[0m

Further analysis and testing is required to detect the actual failure.

[rauldpm]

This issue has been on hold since 27/05/2024 as Federico is OOO

[fcaffieri]

Retaking the issue with some blocks because the pre-release repository is not 100% available due to release 4.7.5
https://wazuh-team.slack.com/archives/C02A737S5MJ/p1717073543900979?thread_ts=1717053492.730899&cid=C02A737S5MJ

[fcaffieri]

Update report

MacOS error research.

After registering the agent (up to this point the installation, registration and connection with the manager was carried out satisfactorily), a test fails to determine whether the component, in this case the agent, is active by process (validation of whether it is active by Wazuh control has already passed). )

Mistake:

[0;31m launchctl list | grep com.wazuh.agent[0m
[0;31m command ##########[0m
[0;31m result ####################[0;31m result ####################[0;
[0;31m {'success': False, 'output': None}[0m
[0;31m [31m[2024-05-31 13:01:35] [ERROR] TESTER: agent-macos-sonoma-14-amd64 is not active by command[0m[0m
[0;31m FAILED[0m

To detect if the agent process is running, use this command launchctl list | grep com.wazuh.agent

Validating in the raised VM it is detected that the agent was installed and registered correctly and that it is active:

sh-3.2# /Library/Ossec/bin/wazuh-control status
wazuh-modulesd is running...
wazuh-logcollector is running...
wazuh-syscheckd is running...
wazuh-agentd is running...
wazuh-execd is running...
sh-3.2#

sh-3.2# ps aux | grep wazuh
wazuh 2142 0.1 0.1 34172172 3508 ?? S 9:01AM 0:01.49 /Library/Ossec/bin/wazuh-agentd

But when executing the command used in the test it gives:

And the agent successfully registered in the manager:

ubuntu@ip-172-31-83-167:~$ sudo su
root@ip-172-31-83-167:/home/ubuntu# /var/ossec/bin/agent_control -l

Wazuh agent_control. List of available agents:
 ID: 000, Name: ip-172-31-83-167 (server), IP: 127.0.0.1, Active/Local
 ID: 001, Name: agent-macos-sonoma-14-amd64, IP: any, Active

List of agentless devices:

root@ip-172-31-83-167:/home/ubuntu#

Then the way to detect whether the process is running was modified and the tests were relaunched.

---

New test macOS 🟢

Input yaml:

version: 0.1
description: This workflow is used to test agents deployment for DDT1 PoC
variables:
  #agent-os:
  #  - linux-ubuntu-20.04-amd64

  macos-agent-os:
    - macos-sonoma-14-amd64

  manager-os: linux-ubuntu-22.04-amd64
  infra-provider: aws
  macos-infra-provider: vagrant
  working-dir: /tmp/dtt1-poc

tasks:
  # Unique manager allocate task
  - task: "allocate-manager-{manager-os}"
    description: "Allocate resources for the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: large
          - composite-name: "{manager-os}"
          - inventory-output: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"

 
  # Unique macOS agent allocate task
  - task: "allocate-macos-agent-{agent}"
    description: "Allocate resources for the agent."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{macos-infra-provider}"
          - size: small
          - composite-name: "{agent}"
          - inventory-output: "{working-dir}/agent-{agent}/inventory.yaml"
          - track-output: "{working-dir}/agent-{agent}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    foreach:
      - variable: macos-agent-os
        as: agent
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/agent-{agent}/track.yaml"


  # Unique manager provision task
  - task: "provision-manager-{manager-os}"
    description: "Provision the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/provision/main.py
          - inventory: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - install:
            - component: wazuh-manager
              type: assistant
              version: 4.8.0
              live: False
    depends-on:
      - "allocate-manager-{manager-os}"
    on-error: "abort-all"

 

  # Generic macOS agent test task
  - task: "run-agent-{agent}-tests"
    description: "Run tests install for the agent {agent}."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-{manager-os}/inventory.yaml"
            - agent: "{working-dir}/agent-{agent}/inventory.yaml"
          - tests: "install,registration,basic_info,connection,restart,stop,uninstall"
          - component: "agent"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    foreach:
      - variable: macos-agent-os
        as: agent
    depends-on:
      - "allocate-macos-agent-{agent}"
      - "provision-manager-{manager-os}"

Result:

Test-agents-macos.log

[fcaffieri]

Test summary:

Test	status
Test agent Linux, macOS and Windows with provision manager	🟢
Test agent Linux, macOS and Windows installing manager with test	🟢
Test manager	🟢
Test Central components	🟢

In all tests, the install, registration, basic_info, connection, restart, stop, and uninstall tests were executed into in a group of delimited systems

[fcaffieri]

Update report

Test status on agent testing for all systems:

Input yaml:

version: 0.1
description: This workflow is used to test agents deployment for DDT1 PoC
variables:
  agent-os:
    - linux-redhat-7-amd64
    - linux-redhat-7-arm64
    - linux-redhat-8-amd64
    - linux-redhat-8-arm64
    - linux-redhat-9-amd64
    - linux-redhat-9-arm64
    - linux-centos-7-amd64
    - linux-centos-7-arm64
    - linux-centos-8-amd64
    - linux-centos-8-arm64
    - linux-debian-10-amd64
    - linux-debian-10-arm64
    - linux-debian-11-amd64
    - linux-debian-11-arm64
    - linux-debian-12-amd64
    - linux-debian-12-arm64
    - linux-ubuntu-22.04-amd64
    - linux-ubuntu-22.04-arm64
    - linux-ubuntu-18.04-amd64
    - linux-ubuntu-18.04-arm64
    - linux-ubuntu-20.04-amd64
    - linux-ubuntu-20.04-arm64
    - linux-oracle-9-amd64
    - linux-amazon-2-amd64
    - linux-amazon-2-arm64
    - linux-amazon-2023-amd64
    - linux-amazon-2023-arm64

  windows-agent-os:
    - windows-desktop-10-amd64
    - windows-server-2012r2-amd64
    - windows-server-2016-amd64
    - windows-server-2019-amd64
    - windows-server-2022-amd64

  macos-agent-os:
    - macos-ventura-13-amd64
    - macos-sonoma-14-amd64

  manager-os: linux-ubuntu-22.04-amd64
  infra-provider: aws
  macos-infra-provider: vagrant
  working-dir: /tmp/dtt1-poc

tasks:
  # Unique manager allocate task
  - task: "allocate-manager-{manager-os}"
    description: "Allocate resources for the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: large
          - composite-name: "{manager-os}"
          - inventory-output: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/manager-{manager-os}/track.yaml"

  # Unique manager provision task
  - task: "provision-manager-{manager-os}"
    description: "Provision the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/provision/main.py
          - inventory: "{working-dir}/manager-{manager-os}/inventory.yaml"
          - install:
            - component: wazuh-manager
              type: assistant
              version: 4.8.0
              live: False
    depends-on:
      - "allocate-manager-{manager-os}"
    on-error: "abort-all"


  # Unique agent allocate task
  - task: "allocate-agent-{agent}"
    description: "Allocate resources for the agent."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: small
          - composite-name: "{agent}"
          - inventory-output: "{working-dir}/agent-{agent}/inventory.yaml"
          - track-output: "{working-dir}/agent-{agent}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    foreach:
      - variable: agent-os
        as: agent
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/agent-{agent}/track.yaml"


  # Generic agent test task
  - task: "run-agent-{agent}-tests"
    description: "Run tests install for the agent {agent}."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-{manager-os}/inventory.yaml"
            - agent: "{working-dir}/agent-{agent}/inventory.yaml"
          - tests: "install,registration,connection,basic_info,restart,stop,uninstall"
          - component: "agent"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    foreach:
      - variable: agent-os
        as: agent
    depends-on:
      - "allocate-agent-{agent}"
      - "provision-manager-{manager-os}"



  # Unique agent allocate task
  - task: "allocate-macos-agent-{agent}"
    description: "Allocate resources for the agent."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{macos-infra-provider}"
          - size: small
          - composite-name: "{agent}"
          - inventory-output: "{working-dir}/agent-{agent}/inventory.yaml"
          - track-output: "{working-dir}/agent-{agent}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    foreach:
      - variable: macos-agent-os
        as: agent
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/agent-{agent}/track.yaml"


  # Generic agent test task
  - task: "run-macos-agent-{agent}-tests"
    description: "Run tests install for the agent {agent}."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-{manager-os}/inventory.yaml"
            - agent: "{working-dir}/agent-{agent}/inventory.yaml"
          - tests: "install,registration,connection,basic_info,restart,stop,uninstall"
          - component: "agent"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    foreach:
      - variable: macos-agent-os
        as: agent
    depends-on:
      - "allocate-macos-agent-{agent}"
      - "provision-manager-{manager-os}"


  # Unique agent allocate task
  - task: "allocate-windows-agent-{agent}"
    description: "Allocate resources for the agent."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: small
          - composite-name: "{agent}"
          - inventory-output: "{working-dir}/agent-{agent}/inventory.yaml"
          - track-output: "{working-dir}/agent-{agent}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
          - label-issue: "https://github.com/wazuh/wazuh-qa/issues/5191"
    on-error: "abort-all"
    foreach:
      - variable: windows-agent-os
        as: agent
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/agent-{agent}/track.yaml"


  # Generic agent test task
  - task: "run-windows-agent-{agent}-tests"
    description: "Run tests install for the agent {agent}."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-{manager-os}/inventory.yaml"
            - agent: "{working-dir}/agent-{agent}/inventory.yaml"
          - tests: "install,registration,connection,basic_info,restart,stop,uninstall"
          - component: "agent"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    foreach:
      - variable: windows-agent-os
        as: agent
    depends-on:
      - "allocate-windows-agent-{agent}"
      - "provision-manager-{manager-os}"

Full Log:

Test-agents-complete.log

Summury Result:

Agent	Test result	Error
linux-redhat-7-amd64	🟢	-
linux-redhat-7-arm64	🟢	-
linux-redhat-8-amd64	🟢	-
linux-redhat-8-arm64	🟢	-
linux-redhat-9-amd64	🟢	-
linux-redhat-9-arm64	🟢	-
linux-centos-7-amd64	🟢	-
linux-centos-7-arm64	🟢	-
linux-centos-8-amd64	🟢	-
linux-centos-8-arm64	🟢	-
linux-debian-10-amd64	🟢	-
linux-debian-10-arm64	🟢	-
linux-debian-11-amd64	🟢	-
linux-debian-11-arm64	🟢	-
linux-debian-12-amd64	🟢	-
linux-debian-12-arm64	🟢	-
linux-ubuntu-22.04-amd64	🟢	-
linux-ubuntu-22.04-arm64	🟢	-
linux-ubuntu-18.04-amd64	🟢	-
linux-ubuntu-18.04-arm64	🟢	-
linux-ubuntu-20.04-amd64	🟢	-
linux-ubuntu-20.04-arm64	🟢	-
linux-oracle-9-amd64	🟢	-
linux-amazon-2-amd64	🟢	-
linux-amazon-2-arm64	🟢	-
linux-amazon-2023-amd64	🟢	-
linux-amazon-2023-arm64	🟢	-
windows-server-2022-amd64	🔴	test_stop.py::test_processes - Failed
windows-server-2012r2-amd64	🟢	-
windows-server-2016-amd64	🟢	-
windows-server-2019-amd64	🟢	-
windows-desktop-10-amd64	🔴	Failure in time out to reach - TESTER: Error on attempt 10 of 10: HTTPSConnectionPool
macos-ventura-13-amd64	🟢	-
macos-ventura-13-arm64	⚫
macos-sonoma-14-amd64	🟢	-
macos-sonoma-14-arm64	⚫

[fcaffieri]

Research Windows errors

The problem with Windows VMs is that when using a small instance, it is likely to fail due to time out or because the machine cannot respond in time because the small instance has few resources for what Windows needs.
The test was repeated with the Windows that failed by increasing the size to large and worked correctly. The attached log shows that the connection was delayed but it connected without problems.
Concerning Windows 2022 that failed the stop test, the problem is similar, due to low resources it does not close the ports and the connectivity test after failing to stop. The attached example worked correctly with an instance of the type large.

Agent	Test result	Error
windows-server-2022-amd64	🟢	-
windows-desktop-10-amd64	🟢	-

Logs:
Test-agents-complete_only_failures.log

[fcaffieri]

Test macOS arm64

Agent	Test result	Error
macos-ventura-13-arm64	🟢	-
macos-sonoma-14-arm64	🟢	-

Logs:

Test-agents-macos_arm64.log

[fcaffieri]

Test Managers

Input yaml:

version: 0.1
description: This workflow is used to test manager deployment for DDT1 PoC
variables:
  manager-os:
    - linux-ubuntu-20.04-amd64
    - linux-ubuntu-22.04-amd64
    - linux-redhat-7-amd64
    - linux-redhat-8-amd64
    - linux-redhat-9-amd64
    - linux-centos-7-amd64
    - linux-debian-10-amd64
    - linux-debian-11-amd64
    - linux-debian-12-amd64
  infra-provider: aws
  working-dir: /tmp/dtt1-poc

tasks:
  # Unique manager allocate task
  - task: "allocate-manager-{manager}"
    description: "Allocate resources for the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: large
          - composite-name: "{manager}"
          - inventory-output: "{working-dir}/manager-{manager}/inventory.yaml"
          - track-output: "{working-dir}/manager-{manager}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
    on-error: "abort-all"
    foreach:
      - variable: manager-os
        as: manager
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/manager-{manager}/track.yaml"

  # Generic manager test task
  - task: "run-manager-tests"
    description: "Run tests install for the manager."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/manager-linux-centos-7-amd64/inventory.yaml"
            - wazuh-2: "{working-dir}/manager-linux-ubuntu-20.04-amd64/inventory.yaml"
            - wazuh-3: "{working-dir}/manager-linux-ubuntu-22.04-amd64/inventory.yaml"
            - wazuh-4: "{working-dir}/manager-linux-redhat-7-amd64/inventory.yaml"
            - wazuh-5: "{working-dir}/manager-linux-redhat-8-amd64/inventory.yaml"
            - wazuh-6: "{working-dir}/manager-linux-redhat-9-amd64/inventory.yaml"
            - wazuh-7: "{working-dir}/manager-linux-debian-10-amd64/inventory.yaml"
            - wazuh-8: "{working-dir}/manager-linux-debian-11-amd64/inventory.yaml"
            - wazuh-9: "{working-dir}/manager-linux-debian-12-amd64/inventory.yaml"
          - tests: "install,restart,stop,uninstall"
          - component: "manager"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40811"
          - live: False
    depends-on:
      - "allocate-manager-linux-ubuntu-20.04-amd64"
      - "allocate-manager-linux-ubuntu-22.04-amd64"
      - "allocate-manager-linux-redhat-7-amd64"
      - "allocate-manager-linux-redhat-8-amd64"
      - "allocate-manager-linux-redhat-9-amd64"
      - "allocate-manager-linux-centos-7-amd64"
      - "allocate-manager-linux-debian-10-amd64"
      - "allocate-manager-linux-debian-11-amd64"
      - "allocate-manager-linux-debian-12-amd64"

Full Log:

Test-manager-complete.log

Summury Result:

Agent	Test result	Error
linux-ubuntu-20.04-amd6	🟢	-
linux-ubuntu-22.04-amd6	🟢	-
linux-redhat-7-amd64	🟢	-
linux-redhat-8-amd64	🟢	-
linux-redhat-9-amd64	🟢	-
linux-amazon-2-amd64	🔴	Failed instaling Wazuh
linux-centos-8-amd64	🔴	Failed instaling Wazuh
linux-centos-7-amd64	🟢	-
linux-debian-10-amd64	🟢	-
linux-debian-11-amd64	🟢	-
linux-debian-12-amd64	🟢	-

[fcaffieri]

Research Test Manager's errors

• linux-amazon-2-amd64:

After intense research, it was detected that the Amazon Linux 2 problem is due to a disk space problem. When you try to download the Wazuh dashboard package, you run out of space.

Mistake:

23:57:43 INFO: Starting Wazuh dashboard installation.04/06/2024 23:57:50 ERROR: Wazuh dashboard installation failed.

In the machine:

Error downloading packages:
 wazuh-dashboard-4.8.0-1.x86_64: Out of space in download directory /var/cache/yum/x86_64/2/wazuh/packages
 * free 39M
 *necessary 275M

05/06/2024 15:47:00 ERROR: Wazuh dashboard installation failed.

The following issue was generated to fix the problem of disk space allocation by the allocator:

• Allocation - Fix disk allocation #5464

• linux-centos-8-amd64:

After intense research, it was detected that the CentOS 8 problem is due to a problem with the CentOS 8 AppStream.

Mistake:

CentOS Stream 8 - AppStream 1.6 kB/s | 38 B 00:00
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist

The following issue was generated to fix the problem by generating a new AMI:

• Fix CentOS 8 AMI #5463

Test summary:

Agent	Test result	Error
linux-amazon-2-amd64	🔴	Disk space problem
linux-centos-8-amd64	🔴	Wrong AMI

[fcaffieri]

Test Central Components:

Test summary:

Agent	Test result	Error
linux-ubuntu-20.04-amd64	🟢	-
linux-ubuntu-22.04-amd64	🟢	-
linux-amazon-2-amd64	🔴	Disk problem
linux-redhat-7-amd64	🟢	-
linux-redhat-8-amd64	🟢	-
linux-redhat-9-amd64	🟢	-
linux-centos-7-amd64	🟢	-
linux-centos-8-amd64	🔴	AMI problem
linux-debian-10-amd64	🔴	Disk problem
linux-debian-11-amd64	🔴	Disk problem
linux-debian-12-amd64	🔴	Disk problem

The same problems reported for the manager's tests were found in the failed central components tests.
They should be resolved with the following issues:

• Fix CentOS 8 AMI #5463
• Allocation - Fix disk allocation #5464

[fcaffieri]

New test Central Components for operating systems that failed:

Test summary:

Agent	Test result	Error
linux-amazon-2-amd64	🟢	-
linux-centos-8-amd64	🟢	-
linux-debian-10-amd64	🟢	-
linux-debian-11-amd64	🟢	-
linux-debian-12-amd64	🟢	-

Logs:

Amazon-2:

Test-CC-amazon2.log

Debian:

Test-CC-debian.log

CentOS 8:

Test-CC-centos8.log

[fcaffieri]

New test Managers' for operating systems that failed:

Test summary:

Agent	Test result	Error
linux-amazon-2-amd64	🟢	-
linux-centos-8-amd64	🟢	-

Logs:

Test-manager-complete.log

[fcaffieri]

Update status

After talking with @rauldpm it was decided to analyze the possibility of adding connection tests between Wazuh manager and indexer

[fcaffieri]

Update report

Modifications were made, connection test was implemented between the Wazuh manager and indexer

Tests:

Agent	Test result
linux-ubuntu-20.04-amd64	🟢
linux-ubuntu-22.04-amd64	🟢
linux-amazon-2-amd64	🟢
linux-redhat-7-amd64	🟢
linux-redhat-8-amd64	🟢
linux-redhat-9-amd64	🟢
linux-centos-7-amd64	🟢
linux-centos-8-amd64	🟢
linux-debian-10-amd64	🟢
linux-debian-11-amd64	🟢
linux-debian-12-amd64	🟢

Input yaml:

version: 0.1
description: This workflow is used to test the Wazuh manager deployment for DDT1 PoC
variables:
  central_components-os:
    - linux-ubuntu-20.04-amd64
    - linux-ubuntu-22.04-amd64
    - linux-amazon-2-amd64
    - linux-redhat-7-amd64
    - linux-redhat-8-amd64
    - linux-redhat-9-amd64
    - linux-centos-7-amd64
    - linux-centos-8-amd64
    - linux-debian-10-amd64
    - linux-debian-11-amd64
    - linux-debian-12-amd64
  infra-provider: aws
  working-dir: /tmp/dtt1-poc

tasks:
  # Unique central components allocate task
  - task: "allocate-central_components-{central_components}"
    description: "Allocate resources for the central_components."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: create
          - provider: "{infra-provider}"
          - size: large
          - composite-name: "{central_components}"
          - inventory-output: "{working-dir}/central_components-{central_components}/inventory.yaml"
          - track-output: "{working-dir}/central_components-{central_components}/track.yaml"
          - label-termination-date: "1d"
          - label-team: "qa"
    on-error: "abort-all"
    foreach:
      - variable: central_components-os
        as: central_components
    cleanup:
      this: process
      with:
        path: python3
        args:
          - modules/allocation/main.py
          - action: delete
          - track-output: "{working-dir}/central_components-{central_components-os}/track.yaml"

  # Generic manager test task
  - task: "run-central_components-{central_components}-tests"
    description: "Run tests install for the central_components."
    do:
      this: process
      with:
        path: python3
        args:
          - modules/testing/main.py
          - targets:
            - wazuh-1: "{working-dir}/central_components-{central_components}/inventory.yaml"
          - tests: "install,restart,stop,uninstall"
          - component: "central_components"
          - wazuh-version: "4.8.0"
          - wazuh-revision: "40812"
          - live: False
    on-error: "abort-all"
    foreach:
      - variable: central_components-os
        as: central_components

Full Log:

Test-CC-complete.log

[rauldpm]

LGTM

4.9.0 packages will be tested in alpha 1