From b60e8759620fc7af02ea8e270a5fd5c04806c42a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Victor=20Ere=C3=B1=C3=BA?= <56500015+vcerenu@users.noreply.github.com> Date: Thu, 11 Jul 2024 23:01:18 +1000 Subject: [PATCH 1/2] Revert "Add new keystore certificate" --- .github/.goss.yaml | 2 +- .github/workflows/push.yml | 2 +- .../config/etc/cont-init.d/0-wazuh-init | 33 +------------------ 3 files changed, 3 insertions(+), 34 deletions(-) diff --git a/.github/.goss.yaml b/.github/.goss.yaml index 1610cc42d..50b54fc2c 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.8.1 + - 4.8.1-1 port: tcp:1514: listening: true diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index cecc3e5c6..0444cba7a 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -270,7 +270,7 @@ jobs: sleep 10 done docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" - if [[ $docs -gt 0 ]]; then + if [[ $docs -gt 1 ]]; then echo "wazuh-alerts index documents: ${docs}" else echo "wazuh-alerts index documents: ${docs}" diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index 5ec1fe272..dae0e1f0b 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init @@ -122,20 +122,6 @@ create_ossec_key_cert() { exec_cmd "openssl req -new -x509 -key ${WAZUH_INSTALL_PATH}/etc/sslmanager.key -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert -days 3650 -subj /CN=${HOSTNAME}/" } -######################### -#GenerateKeystoreCert() -######################### -GenerateKeystoreCert() -{ - # Regenerate keys if they are not valid. - keystore_key=/etc/keystore.key - keystore_cert=/etc/keystore.cert - echo "Generating RSA keys for Keystore." - ${WAZUH_INSTALL_PATH}/bin/wazuh-authd -C 365 -B 2048 -K ${WAZUH_INSTALL_PATH}${keystore_key} -X ${WAZUH_INSTALL_PATH}${keystore_cert} -S "/C=US/ST=California/CN=wazuh/" - chmod 600 ${WAZUH_INSTALL_PATH}${keystore_key} - chmod 600 ${WAZUH_INSTALL_PATH}${keystore_cert} -} - ############################################################################## # Copy all files from $WAZUH_CONFIG_MOUNT to $WAZUH_INSTALL_PATH and respect # destination files permissions @@ -213,7 +199,7 @@ main() { # Restore files stored in permanent data that are not permanent (i.e. internal_options.conf) apply_exclusion_data - + # Apply correct permission and ownership set_correct_permOwner @@ -232,23 +218,6 @@ main() { fi fi - keystore_key=/etc/keystore.key - keystore_cert=/etc/keystore.cert - - # If we come from 4.8.0, no certificates will be found. - # Since the Keystore tool previously used sslmanager keys for encryption, - # We copy them to the new location to be able to recover the information. - if [ ! -f "${WAZUH_INSTALL_PATH}${keystore_key}" ] && [ ! -f "${WAZUH_INSTALL_PATH}${keystore_cert}" ]; then - cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert ${WAZUH_INSTALL_PATH}${keystore_cert} - cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ${WAZUH_INSTALL_PATH}${keystore_key} - fi - - # Test if the certificates are valid. If don't, re-generate them - ${WAZUH_INSTALL_PATH}/bin/wazuh-keystore -f default -k certificate_test -v test - if [ $? -eq 1 ]; then - GenerateKeystoreCert - fi - # Mount selected files (WAZUH_CONFIG_MOUNT) to container mount_files From 1e261c165e52b6fd6eafe96229c06cbb943216d2 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 11 Jul 2024 14:28:12 -0300 Subject: [PATCH 2/2] Revert test changes --- .github/.goss.yaml | 2 +- .github/workflows/push.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/.goss.yaml b/.github/.goss.yaml index 50b54fc2c..1610cc42d 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.8.1-1 + - 4.8.1 port: tcp:1514: listening: true diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 0444cba7a..cecc3e5c6 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -270,7 +270,7 @@ jobs: sleep 10 done docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" - if [[ $docs -gt 1 ]]; then + if [[ $docs -gt 0 ]]; then echo "wazuh-alerts index documents: ${docs}" else echo "wazuh-alerts index documents: ${docs}"