From 99f072eab027c29ad3c9949367bced9cd7218c0b Mon Sep 17 00:00:00 2001 From: Daniel Melgarejo Date: Mon, 28 Oct 2019 11:11:06 +0100 Subject: [PATCH 1/7] Added header Mitre template --- .github/ISSUE_TEMPLATE/test--mitre.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/test--mitre.md b/.github/ISSUE_TEMPLATE/test--mitre.md index b64d404936..2875bea189 100644 --- a/.github/ISSUE_TEMPLATE/test--mitre.md +++ b/.github/ISSUE_TEMPLATE/test--mitre.md @@ -1,3 +1,7 @@ +| Name | About | Title | Labels | Assigness | +| --- | --- | --- | --- | --- | +| Test: Mitre | Test suite for Mitre | '' | '' | '' | + # Mitre | Version | Revision | From 17f42ba049e906cebc8f66bcc73a0b4eb79ef929 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 30 Oct 2019 17:21:20 +0100 Subject: [PATCH 2/7] Enable cgroups for Amazon Linux systemd --- ansible/wazuh-ansible/molecule/default/molecule.yml | 5 +++++ .../molecule/elasticsearch-xpack/molecule.yml | 10 ++++++++++ .../wazuh-ansible/molecule/elasticsearch/molecule.yml | 5 +++++ ansible/wazuh-ansible/molecule/kibana/molecule.yml | 5 +++++ .../wazuh-ansible/molecule/wazuh-agent/molecule.yml | 5 +++++ ansible/wazuh-ansible/molecule/worker/molecule.yml | 5 +++++ 6 files changed, 35 insertions(+) diff --git a/ansible/wazuh-ansible/molecule/default/molecule.yml b/ansible/wazuh-ansible/molecule/default/molecule.yml index a8a3a6881d..58172c4378 100644 --- a/ansible/wazuh-ansible/molecule/default/molecule.yml +++ b/ansible/wazuh-ansible/molecule/default/molecule.yml @@ -14,6 +14,11 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m + tmpfs: + - /run + - /tmp + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro provisioner: name: ansible config_options: diff --git a/ansible/wazuh-ansible/molecule/elasticsearch-xpack/molecule.yml b/ansible/wazuh-ansible/molecule/elasticsearch-xpack/molecule.yml index 673f55d4a5..bf5b0e7cff 100644 --- a/ansible/wazuh-ansible/molecule/elasticsearch-xpack/molecule.yml +++ b/ansible/wazuh-ansible/molecule/elasticsearch-xpack/molecule.yml @@ -16,6 +16,11 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m + tmpfs: + - /run + - /tmp + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro - name: elasticsearch_${MOL_PLATFORM:-centos7}-2 image: ${MOL_IMAGE:-milcom/centos7-systemd} command: /sbin/init @@ -23,6 +28,11 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m + tmpfs: + - /run + - /tmp + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro provisioner: name: ansible config_options: diff --git a/ansible/wazuh-ansible/molecule/elasticsearch/molecule.yml b/ansible/wazuh-ansible/molecule/elasticsearch/molecule.yml index 64727daa49..14153732e4 100644 --- a/ansible/wazuh-ansible/molecule/elasticsearch/molecule.yml +++ b/ansible/wazuh-ansible/molecule/elasticsearch/molecule.yml @@ -16,6 +16,11 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m + tmpfs: + - /run + - /tmp + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro provisioner: name: ansible config_options: diff --git a/ansible/wazuh-ansible/molecule/kibana/molecule.yml b/ansible/wazuh-ansible/molecule/kibana/molecule.yml index f67002d890..d60594b31d 100644 --- a/ansible/wazuh-ansible/molecule/kibana/molecule.yml +++ b/ansible/wazuh-ansible/molecule/kibana/molecule.yml @@ -16,6 +16,11 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 1024m + tmpfs: + - /run + - /tmp + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro provisioner: name: ansible config_options: diff --git a/ansible/wazuh-ansible/molecule/wazuh-agent/molecule.yml b/ansible/wazuh-ansible/molecule/wazuh-agent/molecule.yml index 70c24c94ea..7ccd13bf54 100644 --- a/ansible/wazuh-ansible/molecule/wazuh-agent/molecule.yml +++ b/ansible/wazuh-ansible/molecule/wazuh-agent/molecule.yml @@ -24,6 +24,11 @@ platforms: - name: wazuh groups: - agent + tmpfs: + - /run + - /tmp + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro #- name: wazuh_agent_xenial # image: solita/ubuntu-systemd:xenial # privileged: true diff --git a/ansible/wazuh-ansible/molecule/worker/molecule.yml b/ansible/wazuh-ansible/molecule/worker/molecule.yml index 77e68eeef7..40cea6fc85 100644 --- a/ansible/wazuh-ansible/molecule/worker/molecule.yml +++ b/ansible/wazuh-ansible/molecule/worker/molecule.yml @@ -16,6 +16,11 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m + tmpfs: + - /run + - /tmp + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro provisioner: name: ansible config_options: From 064dd6ac30780d3af3bacd676c4330374411af24 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 31 Oct 2019 19:05:29 +0100 Subject: [PATCH 3/7] adapted dockerfile - added Entrypoint script --- .../manager/files/entrypoint/Dockerfile | 33 +++++++++++++++ .../manager/files/entrypoint/entrypoint.sh | 40 +++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile create mode 100644 kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh diff --git a/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile b/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile new file mode 100644 index 0000000000..cd5b43152e --- /dev/null +++ b/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile @@ -0,0 +1,33 @@ +FROM ruby + +CMD tail -f /dev/null + +COPY entrypoint.sh /usr/local/bin/ + +RUN chmod 777 /usr/local/bin/entrypoint.sh \ + && ln -s /usr/local/bin/entrypoint.sh / + +ENTRYPOINT ["entrypoint.sh"] + +RUN apt-get update && apt install docker.io git curl wget -y + +RUN apt-get update + +RUN gem install kitchen-docker && \ + gem install rbnacl && \ + gem install rbnacl-libsodium && \ + gem install bcrypt_pbkdf && \ + gem install berkshelf && \ + gem install httpclient && \ + +RUN cd $HOME && \ + git clone https://github.com/wazuh/wazuh-qa.git && \ + cd $HOME/wazuh-qa/kitchen/wazuh-chef/manager/files/ && \ + bundle install + +RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && python get-pip.py + +RUN pip install pytest && pip install testinfra && pip install paramiko + +# Standard SSH port +EXPOSE 22 \ No newline at end of file diff --git a/kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh b/kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh new file mode 100644 index 0000000000..b72ddeb7ed --- /dev/null +++ b/kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh @@ -0,0 +1,40 @@ +#!/bin/bash +set -e + +CHEF_SOURCE_BRANCH=$1 +CHEF_TARGET_BRANCH=$2 +QA_BRANCH=$3 + + +cd $HOME && git clone https://github.com/wazuh/wazuh-qa.git && \ + cd $HOME/wazuh-qa/ && \ + git pull --all && \ + git checkout $QA_BRANCH && \ + git pull + +cd $HOME && \ + git clone https://github.com/wazuh/wazuh-chef.git && \ + cd $HOME/wazuh-chef/ && \ + git checkout $CHEF_SOURCE_BRANCH && \ + git pull && \ + git checkout $CHEF_TARGET_BRANCH && \ + git pull && \ + git checkout $CHEF_SOURCE_BRANCH && \ + git merge $CHEF_SOURCE_BRANCH + +cp -rf $HOME/wazuh-qa/kitchen/wazuh-chef/manager/files/* $HOME/wazuh-chef/cookbooks/wazuh_manager/ +cp -rf $HOME/wazuh-qa/kitchen/wazuh-chef/manager/test/* $HOME/wazuh-chef/cookbooks/wazuh_manager/test/ +cp -rf $HOME/wazuh-qa/kitchen/wazuh-chef/manager/test_environment/* $HOME/wazuh-chef/cookbooks/wazuh_manager/test/environments/ +cp -rf $HOME/wazuh-qa/kitchen/wazuh-chef/agent/* $HOME/wazuh-chef/cookbooks/wazuh_agent/test/environments/ + + +cd $HOME/wazuh-chef/cookbooks/wazuh_manager/ && \ + mkdir .kitchen + +cd $HOME/wazuh-chef/cookbooks/wazuh_manager/ && \ + ls -ltrh + chmod +x run.sh && \ + chmod +x clean.sh && \ + rm .kitchen.yml + +tail -f /dev/null \ No newline at end of file From b683910c3203bdabd0d4871fd2ac401a6184d80d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 31 Oct 2019 19:13:51 +0100 Subject: [PATCH 4/7] fixed a typo --- kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile b/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile index cd5b43152e..e0ccf12b17 100644 --- a/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile +++ b/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile @@ -18,7 +18,7 @@ RUN gem install kitchen-docker && \ gem install rbnacl-libsodium && \ gem install bcrypt_pbkdf && \ gem install berkshelf && \ - gem install httpclient && \ + gem install httpclient RUN cd $HOME && \ git clone https://github.com/wazuh/wazuh-qa.git && \ From 4884bdc593d4d6b06b380bbc7b89af05c22cc53a Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 31 Oct 2019 19:34:33 +0100 Subject: [PATCH 5/7] added missing task --- kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile b/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile index e0ccf12b17..701309a9df 100644 --- a/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile +++ b/kitchen/wazuh-chef/manager/files/entrypoint/Dockerfile @@ -22,6 +22,8 @@ RUN gem install kitchen-docker && \ RUN cd $HOME && \ git clone https://github.com/wazuh/wazuh-qa.git && \ + cd $HOME/wazuh-qa && \ + git checkout devel && \ cd $HOME/wazuh-qa/kitchen/wazuh-chef/manager/files/ && \ bundle install From 6415eee4e5bd6a3af6070b85b9d935183fbe6b9f Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 5 Nov 2019 12:19:27 +0100 Subject: [PATCH 6/7] removed redundant task from entrypoint --- kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh b/kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh index b72ddeb7ed..4655c28c9c 100644 --- a/kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh +++ b/kitchen/wazuh-chef/manager/files/entrypoint/entrypoint.sh @@ -6,8 +6,7 @@ CHEF_TARGET_BRANCH=$2 QA_BRANCH=$3 -cd $HOME && git clone https://github.com/wazuh/wazuh-qa.git && \ - cd $HOME/wazuh-qa/ && \ +cd $HOME/wazuh-qa/ && \ git pull --all && \ git checkout $QA_BRANCH && \ git pull From 62af8885bed25c6ed833d544d52c286a9c9c9fdf Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 5 Nov 2019 14:34:20 +0100 Subject: [PATCH 7/7] added new dockerfile --- .../manager/files/1-build-model/Dockerfile | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 kitchen/wazuh-chef/manager/files/1-build-model/Dockerfile diff --git a/kitchen/wazuh-chef/manager/files/1-build-model/Dockerfile b/kitchen/wazuh-chef/manager/files/1-build-model/Dockerfile new file mode 100644 index 0000000000..bd0cf2fd8e --- /dev/null +++ b/kitchen/wazuh-chef/manager/files/1-build-model/Dockerfile @@ -0,0 +1,26 @@ +FROM ruby + +RUN apt-get update && apt install docker.io git curl wget -y + +RUN apt-get update + +RUN gem install kitchen-docker && \ + gem install rbnacl && \ + gem install rbnacl-libsodium && \ + gem install bcrypt_pbkdf && \ + gem install berkshelf && \ + gem install httpclient + +RUN cd $HOME && \ + git clone https://github.com/wazuh/wazuh-qa.git && \ + cd $HOME/wazuh-qa && \ + git checkout devel && \ + cd $HOME/wazuh-qa/kitchen/wazuh-chef/manager/files/ && \ + bundle install + +RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && python get-pip.py + +RUN pip install pytest && pip install testinfra && pip install paramiko + +# Standard SSH port +EXPOSE 22 \ No newline at end of file