Merge branch 'master-2.16.0' into ci/260-use-wazuh-indexer-docker-images

.github/ISSUE_TEMPLATE/feature_template.md

@@ -0,0 +1,23 @@
+---
+name: "Feature template"
+about: "[Internal] Used within Wazuh dev team to describe a new development of a produt's feature."
+title: ""
+labels: ["type/enhancement", "level/task"]
+assignees: ""
+---
+
+## Description
+
+...
+
+## Functional requirements
+
+- ...
+
+## Implementation restrictions
+
+- ...
+
+## Plan
+
+- [ ] ...

.github/workflows/ci.yml

@@ -0,0 +1,21 @@
+name: CI
+
+# This workflow runs when any of the following occur:
+# - On push to branches named after ci/*
+on:
+  pull_request:
+    # Sequence of patterns matched against refs/heads
+    branches:
+      - "migrate-*"
+      - "ci/*"
+
+jobs:
+  call-test-workflow:
+    #     uses: ./.github/workflows/test.yml
+    runs-on: ubuntu-22.04
+    steps:
+      - run: |
+          ./gradlew assemble --parallel --no-build-cache -PDISABLE_BUILD_CACHE
+  call-build-workflow:
+    uses: ./.github/workflows/build.yml
+    secrets: inherit

integrations/README.md

@@ -30,4 +30,4 @@ We host development environments to support the following integrations:
 |                | Wazuh | Logstash | OpenSearch | Elastic | Splunk |
 | -------------- | ----- | -------- | ---------- | ------- | ------ |
 | v1.0           | 4.8.1 | 8.9.0    | 2.14.0     | 8.14.3  | 9.1.4  |
-| Latest version | 4.9.0 | 8.9.0    | 2.17.1     | 8.15.2  | 9.3.1  |
+| Latest version | 4.9.2 | 8.9.0    | 2.18.0     | 8.15.3  | 9.3.1  |

integrations/docker/.env

@@ -20,7 +20,7 @@ KIBANA_PORT=5602
 MEM_LIMIT=1073741824
 
 # Wazuh version
-WAZUH_VERSION=4.9.0
+WAZUH_VERSION=4.9.2
 
 # Wazuh Indexer version (Provisionally using OpenSearch)
 WAZUH_INDEXER_VERSION=2.13.0
@@ -32,7 +32,7 @@ WAZUH_DASHBOARD_VERSION=2.13.0
 WAZUH_CERTS_GENERATOR_VERSION=0.0.1
 
 # OpenSearch destination cluster version
-OS_VERSION=2.17.1
+OS_VERSION=2.18.0
 
 # Logstash version:
 LOGSTASH_OSS_VERSION=8.9.0
@@ -41,4 +41,4 @@ LOGSTASH_OSS_VERSION=8.9.0
 SPLUNK_VERSION=9.3.1
 
 # Version of Elastic products
-STACK_VERSION=8.15.2
+STACK_VERSION=8.15.3

integrations/docker/compose.indexer-splunk.yml

@@ -161,10 +161,14 @@ services:
       SPLUNK_START_ARGS: --accept-license
 
   logstash:
+    image: logstash-oss:${LOGSTASH_OSS_VERSION}
     depends_on:
       splunk:
         condition: service_healthy
-    image: logstash-oss:${LOGSTASH_OSS_VERSION}
+    build:
+      context: ../logstash
+      args:
+        - LOGSTASH_OSS_VERSION=${LOGSTASH_OSS_VERSION}
     environment:
       LOGSTASH_OSS_VERSION: ${LOGSTASH_OSS_VERSION}
       LOG_LEVEL: info

test-tools/README.md

@@ -1,6 +1,6 @@
 # Basic cluster environment
 
-This is a environment definition with the required configuration to be prepared to freshly install a Wazuh Indexer
+This is an environment definition with the required configuration to be prepared to freshly install a Wazuh Indexer
 cluster with two nodes using Vagrant and Libvirt to provision the Virtual Machines.
 
 It also generates the node's required certificates using the `wazuh-certs-tool` and copy them to each node's `home`

test-tools/Vagrantfile

@@ -7,7 +7,7 @@ system("
 
 Vagrant.configure("2") do |config|
     config.vm.define "indexer_1" do |indexer_1|
-        indexer_1.vm.box = "generic/rhel9"
+        indexer_1.vm.box = "generic/alma9"
         indexer_1.vm.synced_folder ".", "/vagrant"
         indexer_1.vm.network "private_network", ip: "192.168.56.10"
         indexer_1.vm.hostname = "node-1"
@@ -16,13 +16,17 @@ Vagrant.configure("2") do |config|
             vb.cpus = "4"
         end
         indexer_1.vm.provision "shell", inline: <<-SHELL
-            sudo systemctl stop firewalld
-            sudo systemctl disable firewalld
-            sudo yum clean all
+            systemctl stop firewalld
+            systemctl disable firewalld
+            yum clean all
+            yum install curl jq unzip tar -y
             # Add node-2 to /etc/hosts
-            sudo echo "192.168.56.11 node-2" >> /etc/hosts
+            echo "192.168.56.11 node-2" >> /etc/hosts
             # Copy generated certificates
             cp /vagrant/wazuh-certificates.tar /home/vagrant/wazuh-certificates.tar
+            # Copy test scripts
+            cp -r /vagrant/scripts /home/vagrant/scripts
+            chown -R vagrant:vagrant /home/vagrant/scripts
         SHELL
     end
     config.vm.define "indexer_2" do |indexer_2|
@@ -35,12 +39,16 @@ Vagrant.configure("2") do |config|
             vb.cpus = "4"
         end
         indexer_2.vm.provision "shell", inline: <<-SHELL
-            sudo systemctl stop ufw
-            sudo systemctl disable ufw
+            systemctl stop ufw
+            systemctl disable ufw
+            apt-get install curl jq unzip tar -y
             # Add node-1 to /etc/hosts
             echo "192.168.56.10 node-1" >> /etc/hosts
             # Copy generated certificates
             cp /vagrant/wazuh-certificates.tar /home/vagrant/wazuh-certificates.tar
+            # Copy test scripts
+            cp -r /vagrant/scripts /home/vagrant/scripts
+            chown -R vagrant:vagrant /home/vagrant/scripts
         SHELL
     end
 end

test-tools/scripts/00_run.sh

@@ -0,0 +1,88 @@
+#!/bin/bash
+
+# Prompt the user for GitHub Token and artifact details securely
+if [ -z "$GITHUB_TOKEN" ]; then
+  read -rsp 'Enter GitHub Token: ' GITHUB_TOKEN
+  echo ""
+fi
+export GITHUB_TOKEN
+
+if [ -z "$RUN_ID" ]; then
+  read -rp 'Enter Action Run ID: ' RUN_ID
+fi
+export RUN_ID
+
+if [ -z "$ARTIFACT_NAME" ]; then
+  read -rp 'Enter Artifact Name: ' ARTIFACT_NAME
+fi
+export ARTIFACT_NAME
+
+# Define environment variables with default values if not provided
+read -rp "Enter current node name (default: 'node-1'): " NODE_NAME
+export NODE_NAME=${NODE_NAME:-"node-1"}
+
+IP_ADDRESS=$(ip addr show eth1 2>/dev/null | grep 'inet ' | awk '{print $2}' | cut -d/ -f1)
+if [ -z "$IP_ADDRESS" ]; then
+    IP_ADDRESS="127.0.0.1"
+fi
+read -rp "Enter IP of current node (default: '$IP_ADDRESS'): " NODE_IP
+export NODE_IP=${NODE_IP:-$IP_ADDRESS}
+
+export CERTS_PATH=${CERTS_PATH:-"/home/vagrant/wazuh-certificates.tar"}
+
+# Optional variables for Node 2
+read -rp 'Enter secondary Node name (optional): ' NODE_2
+read -rp 'Enter IP of secondary Node (optional): ' IP_NODE_2
+
+# Logging function with timestamps
+log() {
+  echo "$(date +'%Y-%m-%d %H:%M:%S') - $1"
+}
+
+# Function to run a command and check for errors
+run_command() {
+  local cmd=$1
+  log "Executing: $cmd"
+  if ! eval "$cmd"; then
+    log "Error executing: $cmd"
+    exit 1
+  else
+    log "Successfully executed: $cmd"
+  fi
+}
+
+# Main execution
+log "Starting the script execution"
+
+run_command "bash 01_download_and_install_package.sh -id $RUN_ID -n $ARTIFACT_NAME"
+
+# Apply certificates
+if [ -n "$NODE_2" ] && [ -n "$IP_NODE_2" ]; then
+  run_command "sudo bash 02_apply_certificates.sh -p $CERTS_PATH -n $NODE_NAME -nip $NODE_IP -s $NODE_2 -sip $IP_NODE_2"
+else
+  run_command "sudo bash 02_apply_certificates.sh -p $CERTS_PATH -n $NODE_NAME -nip $NODE_IP"
+fi
+
+# Start indexer service
+run_command "sudo bash 03_manage_indexer_service.sh -a start"
+
+# Initialize cluster (assumes this step doesn't depend on Node 2 presence)
+run_command "sudo bash 04_initialize_cluster.sh"
+sleep 10
+
+# Validate installed plugins
+if [ -n "$NODE_2" ]; then
+  run_command "bash 05_validate_installed_plugins.sh -n $NODE_NAME -n $NODE_2"
+else
+  run_command "bash 05_validate_installed_plugins.sh -n $NODE_NAME"
+fi
+
+# Validate setup and command manager
+run_command "bash 06_validate_setup.sh"
+run_command "bash 07_validate_command_manager.sh"
+
+# Uninstall indexer
+log "Running 08_uninstall_indexer.sh"
+run_command "sudo bash 08_uninstall_indexer.sh"
+
+log "All tasks completed successfully."