From 283f873d3cecaeb699699a6024cd8bce29db81b0 Mon Sep 17 00:00:00 2001 From: Fede Tux Date: Thu, 11 Jul 2024 11:18:56 -0300 Subject: [PATCH] Adding environment variables for docker images versions --- integrations/docker/.env | 14 +++++++++++++- .../docker/compose.amazon-security-lake.yml | 10 +++++++--- integrations/docker/compose.indexer-elastic.yml | 10 +++++++--- .../docker/compose.indexer-opensearch.yml | 13 +++++++++---- integrations/docker/compose.indexer-splunk.yml | 16 +++++++++++----- integrations/docker/compose.manager-elastic.yml | 10 +++++++--- .../docker/compose.manager-opensearch.yml | 10 +++++++--- integrations/docker/compose.manager-splunk.yml | 13 +++++++++---- 8 files changed, 70 insertions(+), 26 deletions(-) diff --git a/integrations/docker/.env b/integrations/docker/.env index 00977dd69a894..b5c14e4d905b7 100644 --- a/integrations/docker/.env +++ b/integrations/docker/.env @@ -26,4 +26,16 @@ MEM_LIMIT=1073741824 OS_VERSION=2.14.0 # Wazuh version -WAZUH_VERSION=4.7.5 \ No newline at end of file +WAZUH_VERSION=4.7.5 + +# Wazuh Indexer version (Provisionally using OpenSearch) +WAZUH_INDEXER_VERSION=2.12.0 + +# Wazuh Dashboard version (Provisionally using OpenSearch Dashboards) +WAZUH_DASHBOARD_VERSION=2.12.0 + +# Wazuh certs generator version +WAZUH_CERTS_GENERATOR_VERSION=0.0.1 + +# Splunk version: +SPLUNK_VERSION=9.0.4 \ No newline at end of file diff --git a/integrations/docker/compose.amazon-security-lake.yml b/integrations/docker/compose.amazon-security-lake.yml index 96edbd0a6cc4f..da8b55f75937b 100644 --- a/integrations/docker/compose.amazon-security-lake.yml +++ b/integrations/docker/compose.amazon-security-lake.yml @@ -13,7 +13,7 @@ services: command: bash -c "python run.py -a wazuh.indexer" wazuh.indexer: - image: opensearchproject/opensearch:2.12.0 + image: opensearchproject/opensearch:${WAZUH_INDEXER_VERSION} container_name: wazuh.indexer depends_on: wazuh-certs-generator: @@ -22,6 +22,7 @@ services: ports: - 9200:9200 environment: + - WAZUH_INDEXER_VERSION=${WAZUH_INDEXER_VERSION} # - cluster.name=opensearch-cluster - node.name=wazuh.indexer - discovery.type=single-node @@ -56,7 +57,7 @@ services: - ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem wazuh.dashboard: - image: opensearchproject/opensearch-dashboards:2.12.0 + image: opensearchproject/opensearch-dashboards:${WAZUH_DASHBOARD_VERSION} container_name: wazuh.dashboard depends_on: - wazuh.indexer @@ -71,6 +72,7 @@ services: - ./certs/wazuh.dashboard.pem:/usr/share/opensearch-dashboards/config/certs/opensearch.pem - ./certs/root-ca.pem:/usr/share/opensearch-dashboards/config/certs/root-ca.pem environment: + WAZUH_DASHBOARD_VERSION: ${WAZUH_DASHBOARD_VERSION} OPENSEARCH_HOSTS: '["https://wazuh.indexer:9200"]' # Define the OpenSearch nodes that OpenSearch Dashboards will query SERVER_SSL_ENABLED: 'true' SERVER_SSL_KEY: '/usr/share/opensearch-dashboards/config/certs/opensearch.key' @@ -159,12 +161,14 @@ services: " wazuh-certs-generator: - image: wazuh/wazuh-certs-generator:0.0.1 + image: wazuh/wazuh-certs-generator:${WAZUH_CERTS_GENERATOR_VERSION} hostname: wazuh-certs-generator depends_on: generate-certs-config: condition: service_completed_successfully container_name: wazuh-certs-generator + environment: + - WAZUH_CERTS_GENERATOR_VERSION=${WAZUH_CERTS_GENERATOR_VERSION} entrypoint: sh -c "/entrypoint.sh; chown -R 1000:999 /certificates; chmod 740 /certificates; chmod 440 /certificates/*" volumes: - ./certs/:/certificates/ diff --git a/integrations/docker/compose.indexer-elastic.yml b/integrations/docker/compose.indexer-elastic.yml index 416d9e8ad8dd5..4ca0dc045e03b 100644 --- a/integrations/docker/compose.indexer-elastic.yml +++ b/integrations/docker/compose.indexer-elastic.yml @@ -11,7 +11,7 @@ services: command: bash -c "python run.py -a wazuh.indexer" wazuh.indexer: - image: opensearchproject/opensearch:2.12.0 + image: opensearchproject/opensearch:${WAZUH_INDEXER_VERSION} depends_on: wazuh-certs-generator: condition: service_completed_successfully @@ -19,6 +19,7 @@ services: ports: - 9200:9200 environment: + - WAZUH_INDEXER_VERSION=${WAZUH_INDEXER_VERSION} - node.name=wazuh.indexer - discovery.type=single-node - bootstrap.memory_lock=true @@ -51,7 +52,7 @@ services: - ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem wazuh.dashboard: - image: opensearchproject/opensearch-dashboards:2.12.0 + image: opensearchproject/opensearch-dashboards:${WAZUH_DASHBOARD_VERSION} depends_on: - wazuh.indexer hostname: wazuh.dashboard @@ -65,6 +66,7 @@ services: - ./certs/wazuh.dashboard.pem:/usr/share/opensearch-dashboards/config/certs/opensearch.pem - ./certs/root-ca.pem:/usr/share/opensearch-dashboards/config/certs/root-ca.pem environment: + WAZUH_DASHBOARD_VERSION: ${WAZUH_DASHBOARD_VERSION} OPENSEARCH_HOSTS: '["https://wazuh.indexer:9200"]' # Define the OpenSearch nodes that OpenSearch Dashboards will query SERVER_SSL_ENABLED: 'true' SERVER_SSL_KEY: '/usr/share/opensearch-dashboards/config/certs/opensearch.key' @@ -92,8 +94,10 @@ services: " wazuh-certs-generator: - image: wazuh/wazuh-certs-generator:0.0.1 + image: wazuh/wazuh-certs-generator:${WAZUH_CERTS_GENERATOR_VERSION} hostname: wazuh-certs-generator + environment: + - WAZUH_CERTS_GENERATOR_VERSION=${WAZUH_CERTS_GENERATOR_VERSION} depends_on: generate-certs-config: condition: service_completed_successfully diff --git a/integrations/docker/compose.indexer-opensearch.yml b/integrations/docker/compose.indexer-opensearch.yml index e9a58c9aeb14f..d4e2c24a4b061 100644 --- a/integrations/docker/compose.indexer-opensearch.yml +++ b/integrations/docker/compose.indexer-opensearch.yml @@ -11,7 +11,7 @@ services: command: bash -c "python run.py -a wazuh.indexer" wazuh.indexer: - image: opensearchproject/opensearch:2.12.0 + image: opensearchproject/opensearch:${WAZUH_INDEXER_VERSION} depends_on: wazuh-certs-generator: condition: service_completed_successfully @@ -19,6 +19,7 @@ services: ports: - 9200:9200 environment: + - WAZUH_INDEXER_VERSION=${WAZUH_INDEXER_VERSION} - node.name=wazuh.indexer - discovery.type=single-node - bootstrap.memory_lock=true @@ -51,7 +52,7 @@ services: - ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem wazuh.dashboard: - image: opensearchproject/opensearch-dashboards:2.12.0 + image: opensearchproject/opensearch-dashboards:${WAZUH_DASHBOARD_VERSION} depends_on: - wazuh.indexer hostname: wazuh.dashboard @@ -66,6 +67,7 @@ services: - ./certs/opensearch.dashboards.pem:/usr/share/opensearch-dashboards/config/certs/opensearch.pem - ./certs/root-ca.pem:/usr/share/opensearch-dashboards/config/certs/root-ca.pem environment: + WAZUH_DASHBOARD_VERSION: ${WAZUH_DASHBOARD_VERSION} OPENSEARCH_HOSTS: '["https://wazuh.indexer:9200"]' SERVER_SSL_ENABLED: 'true' SERVER_SSL_KEY: '/usr/share/opensearch-dashboards/config/certs/opensearch.key' @@ -97,8 +99,10 @@ services: " wazuh-certs-generator: - image: wazuh/wazuh-certs-generator:0.0.1 + image: wazuh/wazuh-certs-generator:${WAZUH_CERTS_GENERATOR_VERSION} hostname: wazuh-certs-generator + environment: + - WAZUH_CERTS_GENERATOR_VERSION=${WAZUH_CERTS_GENERATOR_VERSION} depends_on: generate-certs-config: condition: service_completed_successfully @@ -169,13 +173,14 @@ services: - 'OPENSEARCH_HOSTS="https://opensearch.node:9200"' logstash: - image: logstash-oss:8.6.2 + image: logstash-oss:${STACK_VERSION} depends_on: opensearch.node: condition: service_healthy build: context: ../logstash environment: + STACK_VERSION: ${STACK_VERSION} LOG_LEVEL: info MONITORING_ENABLED: false volumes: diff --git a/integrations/docker/compose.indexer-splunk.yml b/integrations/docker/compose.indexer-splunk.yml index 081a3f0e0e4ec..156e716ce1dc5 100644 --- a/integrations/docker/compose.indexer-splunk.yml +++ b/integrations/docker/compose.indexer-splunk.yml @@ -11,7 +11,7 @@ services: command: bash -c "python run.py -a wazuh.indexer" wazuh.indexer: - image: opensearchproject/opensearch:2.12.0 + image: opensearchproject/opensearch:${WAZUH_INDEXER_VERSION} depends_on: wazuh-certs-generator: condition: service_completed_successfully @@ -19,6 +19,7 @@ services: ports: - 9200:9200 environment: + - WAZUH_INDEXER_VERSION=${WAZUH_INDEXER_VERSION} - node.name=wazuh.indexer - discovery.type=single-node - bootstrap.memory_lock=true @@ -51,7 +52,7 @@ services: - ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem wazuh.dashboard: - image: opensearchproject/opensearch-dashboards:2.12.0 + image: opensearchproject/opensearch-dashboards:${WAZUH_DASHBOARD_VERSION} depends_on: - wazuh.indexer hostname: wazuh.dashboard @@ -65,6 +66,7 @@ services: - ./certs/wazuh.dashboard.pem:/usr/share/opensearch-dashboards/config/certs/opensearch.pem - ./certs/root-ca.pem:/usr/share/opensearch-dashboards/config/certs/root-ca.pem environment: + WAZUH_DASHBOARD_VERSION: ${WAZUH_DASHBOARD_VERSION} OPENSEARCH_HOSTS: '["https://wazuh.indexer:9200"]' # Define the OpenSearch nodes that OpenSearch Dashboards will query SERVER_SSL_ENABLED: 'true' SERVER_SSL_KEY: '/usr/share/opensearch-dashboards/config/certs/opensearch.key' @@ -92,8 +94,10 @@ services: " wazuh-certs-generator: - image: wazuh/wazuh-certs-generator:0.0.1 + image: wazuh/wazuh-certs-generator:${WAZUH_CERTS_GENERATOR_VERSION} hostname: wazuh-certs-generator + environment: + - WAZUH_CERTS_GENERATOR_VERSION=${WAZUH_CERTS_GENERATOR_VERSION} depends_on: generate-certs-config: condition: service_completed_successfully @@ -133,7 +137,7 @@ services: ' splunk: - image: splunk/splunk:9.0.4 + image: splunk/splunk:${SPLUNK_VERSION} volumes: - ./certs/splunk.key:/opt/splunk/etc/auth/custom/splunk.key - ./certs/splunk.pem:/opt/splunk/etc/auth/custom/splunk.pem @@ -149,6 +153,7 @@ services: - '8000:8000' - '8088:8088' environment: + SPLUNK_VERSION: ${SPLUNK_VERSION} SPLUNK_HEC_TOKEN: "abcd1234" SPLUNK_HOSTNAME: splunk SPLUNK_HTTP_ENABLESSL: 'true' @@ -160,8 +165,9 @@ services: depends_on: splunk: condition: service_healthy - image: logstash-oss:8.6.2 + image: logstash-oss:${STACK_VERSION} environment: + STACK_VERSION: ${STACK_VERSION} LOG_LEVEL: info MONITORING_ENABLED: false volumes: diff --git a/integrations/docker/compose.manager-elastic.yml b/integrations/docker/compose.manager-elastic.yml index d8fd3f9026057..29915f2c966ee 100644 --- a/integrations/docker/compose.manager-elastic.yml +++ b/integrations/docker/compose.manager-elastic.yml @@ -48,7 +48,7 @@ services: - alerts:/var/ossec/logs/alerts/ wazuh.indexer: - image: opensearchproject/opensearch:2.12.0 + image: opensearchproject/opensearch:${WAZUH_INDEXER_VERSION} depends_on: wazuh-certs-generator: condition: service_completed_successfully @@ -56,6 +56,7 @@ services: ports: - 9200:9200 environment: + - WAZUH_INDEXER_VERSION=${WAZUH_INDEXER_VERSION} - node.name=wazuh.indexer - discovery.type=single-node - bootstrap.memory_lock=true @@ -89,8 +90,10 @@ services: - ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem wazuh-certs-generator: - image: wazuh/wazuh-certs-generator:0.0.1 + image: wazuh/wazuh-certs-generator:${WAZUH_CERTS_GENERATOR_VERSION} hostname: wazuh-certs-generator + environment: + - WAZUH_CERTS_GENERATOR_VERSION=${WAZUH_CERTS_GENERATOR_VERSION} entrypoint: sh -c "/entrypoint.sh; chown -R 1000:999 /certificates; chmod 740 /certificates; chmod 440 /certificates/*" volumes: - ./certs/:/certificates/ @@ -102,10 +105,11 @@ services: condition: service_healthy wazuh-certs-generator: condition: service_completed_successfully - image: logstash-oss:8.6.2 + image: logstash-oss:${STACK_VERSION} build: context: ../logstash environment: + STACK_VERSION=${STACK_VERSION} LOG_LEVEL: info MONITORING_ENABLED: false volumes: diff --git a/integrations/docker/compose.manager-opensearch.yml b/integrations/docker/compose.manager-opensearch.yml index 52c82dcf7192b..9550707498c59 100644 --- a/integrations/docker/compose.manager-opensearch.yml +++ b/integrations/docker/compose.manager-opensearch.yml @@ -48,7 +48,7 @@ services: - alerts:/var/ossec/logs/alerts/ wazuh.indexer: - image: opensearchproject/opensearch:2.12.0 + image: opensearchproject/opensearch:${WAZUH_INDEXER_VERSION} depends_on: wazuh-certs-generator: condition: service_completed_successfully @@ -56,6 +56,7 @@ services: ports: - 9200:9200 environment: + - WAZUH_INDEXER_VERSION=${WAZUH_INDEXER_VERSION} - node.name=wazuh.indexer - discovery.type=single-node - bootstrap.memory_lock=true @@ -89,8 +90,10 @@ services: - ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem wazuh-certs-generator: - image: wazuh/wazuh-certs-generator:0.0.1 + image: wazuh/wazuh-certs-generator:${WAZUH_CERTS_GENERATOR_VERSION} hostname: wazuh-certs-generator + environment: + - WAZUH_CERTS_GENERATOR_VERSION=${WAZUH_CERTS_GENERATOR_VERSION} entrypoint: sh -c "/entrypoint.sh; chown -R 1000:999 /certificates; chmod 740 /certificates; chmod 440 /certificates/*" volumes: - ./certs/:/certificates/ @@ -102,11 +105,12 @@ services: condition: service_healthy wazuh-certs-generator: condition: service_completed_successfully - image: logstash-oss:8.6.2 + image: logstash-oss:${STACK_VERSION} build: dockerfile: ../elastic/Dockerfile context: ../logstash environment: + STACK_VERSION: ${STACK_VERSION} LOG_LEVEL: info MONITORING_ENABLED: false volumes: diff --git a/integrations/docker/compose.manager-splunk.yml b/integrations/docker/compose.manager-splunk.yml index 13671aee91641..27ac606c23653 100644 --- a/integrations/docker/compose.manager-splunk.yml +++ b/integrations/docker/compose.manager-splunk.yml @@ -48,7 +48,7 @@ services: - alerts:/var/ossec/logs/alerts/ wazuh.indexer: - image: opensearchproject/opensearch:2.12.0 + image: opensearchproject/opensearch:${WAZUH_INDEXER_VERSION} depends_on: wazuh-certs-generator: condition: service_completed_successfully @@ -56,6 +56,7 @@ services: ports: - 9200:9200 environment: + - WAZUH_INDEXER_VERSION=${WAZUH_INDEXER_VERSION} - node.name=wazuh.indexer - discovery.type=single-node - bootstrap.memory_lock=true @@ -89,8 +90,10 @@ services: - ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem wazuh-certs-generator: - image: wazuh/wazuh-certs-generator:0.0.1 + image: wazuh/wazuh-certs-generator:${WAZUH_CERTS_GENERATOR_VERSION} hostname: wazuh-certs-generator + environment: + - WAZUH_CERTS_GENERATOR_VERSION=${WAZUH_CERTS_GENERATOR_VERSION} entrypoint: sh -c "/entrypoint.sh; chown -R 1000:999 /certificates; chmod 740 /certificates; chmod 440 /certificates/*" volumes: - ./certs/:/certificates/ @@ -102,11 +105,12 @@ services: condition: service_healthy wazuh-certs-generator: condition: service_completed_successfully - image: logstash-oss:8.6.2 + image: logstash-oss:${STACK_VERSION} build: dockerfile: ../logstash/Dockerfile context: ../logstash environment: + STACK_VERSION: ${STACK_VERSION} LOG_LEVEL: info MONITORING_ENABLED: false volumes: @@ -145,7 +149,7 @@ services: ' splunk: - image: splunk/splunk:9.0.4 + image: splunk/splunk:${SPLUNK_VERSION} volumes: - ./certs/splunk.key:/opt/splunk/etc/auth/custom/splunk.key - ./certs/splunk.pem:/opt/splunk/etc/auth/custom/splunk.pem @@ -159,6 +163,7 @@ services: - '8000:8000' - '8088:8088' environment: + SPLUNK_VERSION: ${SPLUNK_VERSION} SPLUNK_HEC_TOKEN: "abcd1234" SPLUNK_HOSTNAME: splunk SPLUNK_HTTP_ENABLESSL: 'true'