diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 5aba500a3253e..f68708a1197fb 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -6,7 +6,7 @@ on:
 push:
 # Sequence of patterns matched against refs/heads
 branches:
- - 'ci/*'
+ - "ci/*"
 workflow_dispatch:
 inputs:
 revision:
@@ -40,7 +40,7 @@ jobs:
 uses: ./.github/workflows/r_commit_sha.yml
 build:
- needs: [ version, commit_sha ]
+ needs: [version, commit_sha]
 strategy:
 matrix:
 distribution: [tar, rpm, deb]
@@ -69,15 +69,21 @@ jobs:
 distribution: ${{ matrix.distribution }}
 min: wazuh-indexer-min_${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '1' || inputs.revision }}-${{ matrix.architecture }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.distribution }}
- upload:
+ test:
 needs: [version, commit_sha, assemble]
- # Upload only on 'workflow_dispatch' event and if 'upload=true'
- if: ${{ github.event_name == 'push' && inputs.upload }}
 strategy:
 fail-fast: false
 matrix:
 os: [{ suffix: "amd64", ext: "deb" }, { suffix: "x86_64", ext: "rpm" }]
+ uses: ./.github/workflows/r_test.yml
+ with:
+ package: wazuh-indexer-${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '1' || inputs.revision }}_${{ matrix.os.suffix }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.os.ext }}
+
+ upload:
+ needs: [version, commit_sha, test]
+ # Upload only on 'workflow_dispatch' event and if 'upload=true'
+ if: ${{ github.event_name == 'push' && inputs.upload }}
 uses: ./.github/workflows/r_upload.yml
 with:
 package: wazuh-indexer-${{ needs.version.outputs.version }}-${{ github.event_name == 'push' && '1' || inputs.revision }}_${{ matrix.os.suffix }}_${{ needs.commit_sha.outputs.commit_sha }}.${{ matrix.os.ext }}
- secrets: inherit
\ No newline at end of file
+ secrets: inherit
diff --git a/.github/workflows/r_assemble.yml b/.github/workflows/r_assemble.yml
index d08b64cea23ed..11009429298e0 100644
--- a/.github/workflows/r_assemble.yml
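Review bot: In build.yml (hunk `@@ -69,15 +69,21 @@`) the re-added `upload` job still builds its `package` name from `${{ matrix.os.suffix }}` and `${{ matrix.os.ext }}`, but the `strategy.matrix` block now belongs to the new `test` job and nothing visible in the hunk gives `upload` a matrix of its own. Those expressions should then evaluate to empty strings, so `r_upload.yml` (which receives `secrets: inherit`) is asked for an artifact name that was never produced. Repeat the block under `upload`: `strategy:` / `matrix:` / `os: [{ suffix: "amd64", ext: "deb" }, { suffix: "x86_64", ext: "rpm" }]`. Separately, the comment says the upload runs only on 'workflow_dispatch' while the `if:` tests `github.event_name == 'push'`; one of the two should be corrected so the release gate is what the comment claims.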
+++ b/.github/workflows/r_assemble.yml
@@ -1,5 +1,8 @@
 name: Assemble (reusable)
+env:
+ TEST: true
+
 # This workflow runs when any of the following occur:
 # - Run from another workflow
 on:
diff --git a/.github/workflows/r_build.yml b/.github/workflows/r_build.yml
index 299eb8155f735..4c430ce113ad6 100644
--- a/.github/workflows/r_build.yml
+++ b/.github/workflows/r_build.yml
@@ -40,7 +40,7 @@ jobs:
 java-version: 11
 - name: Setup Gradle
- uses: gradle/gradle-build-action@v2.9.0
+ uses: gradle/actions/setup-gradle@v3
 - name: Run `build.sh`
 run: |
diff --git a/.github/workflows/r_test.yml b/.github/workflows/r_test.yml
new file mode 100644
index 0000000000000..fa9cd819ac8fe
--- /dev/null
+++ b/.github/workflows/r_test.yml
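Review bot: The workflow-level `TEST: true` added to r_assemble.yml is undocumented and unconditional, so every caller of this reusable workflow assembles with it set, presumably including the build.yml chain that ends in `upload`. Nothing in the hunk shows what the assemble steps do when `TEST` is set; if it changes or relaxes packaging, that would carry into published artifacts. Add a comment such as `# TEST=true: TODO describe what the assemble step does differently; must not affect released packages`, or drive it from a `workflow_call` input so release runs can leave it off. Writing the value as `TEST: "true"` also makes it explicit that the steps receive a string.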
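Review bot: The Gradle setup step in r_build.yml moves from an exact release tag (`@v2.9.0`) to the floating major tag `@v3`, so the action code that runs inside the package build can change without any commit in this repository. For a job that produces release packages, pin the action to a full commit SHA and keep the version as a trailing comment, e.g. `uses: gradle/actions/setup-gradle@FULL_COMMIT_SHA  # v3` (FULL_COMMIT_SHA is a placeholder for the release commit you reviewed). The same applies to any other third-party action this workflow references outside the hunk.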
@@ -0,0 +1,88 @@
+name: Test (reusable)
+
+# This workflow runs when any of the following occur:
+# - Run from another workflow
+on:
+ workflow_call:
+ inputs:
+ package:
+ description: "The name of the package to download."
+ required: true
+ type: string
+
+jobs:
+ r_test_rpm:
+ if: ${{ endsWith(inputs.package, 'rpm') }}
+ runs-on: ubuntu-latest
+ # Permissions to upload the package
+ permissions:
+ packages: read
+ contents: read
+ steps:
+ - name: Download artifact
+ uses: actions/download-artifact@v4
+ with:
+ name: ${{ inputs.package }}
+ path: artifacts/dist
+
+ - name: Install package
+ uses: addnab/docker-run-action@v3
+ with:
+ image: redhat/ubi9:latest
+ options: -v ${{ github.workspace }}/artifacts/dist:/artifacts/dist
+ run: |
+ yum localinstall "/artifacts/dist/${{ inputs.package }}" -y
+
+ r_test_deb:
+ if: ${{ endsWith(inputs.package, 'deb') }}
+ runs-on: ubuntu-latest
+ # Permissions to upload the package
+ permissions:
+ packages: read
+ contents: read
+ steps:
+ - name: Download artifact
+ uses: actions/download-artifact@v4
+ with:
+ name: ${{ inputs.package }}
+ path: artifacts/dist
+
+ - name: Install package
+ run: |
+ sudo dpkg -i "artifacts/dist/${{ inputs.package }}"
+
+ - uses: actions/checkout@v4
+ - name: Generate and deploy certificates
+ uses: addnab/docker-run-action@v3
+ with:
+ image: wazuh/wazuh-certs-generator:0.0.1
+ options: -v ${{ github.workspace }}/integrations/docker/config/certs.yml:/config/certs.yml -v /etc/wazuh-indexer/certs:/certs
+ shell: sh
+ run: |
+ mkdir -p /certificates /certs
+ /entrypoint.sh
+ chown -R 1000:999 /certificates
+ chmod 740 /certificates
+ chmod 440 /certificates/*
+
+ mv /certificates/wazuh.indexer-key.pem /certs/indexer-key.pem
+ mv /certificates/wazuh.indexer.pem /certs/indexer.pem
+ mv /certificates/root-ca.pem /certs/root-ca.pem
+ ls /certs
+
+ - run: sudo systemctl daemon-reload
+ - run: |
+ if ! sudo systemctl enable wazuh-indexer.service; then
+ sudo journalctl --no-pager -u wazuh-indexer.service
+ exit 1
+ fi
+ - run: |
+ if ! sudo systemctl start wazuh-indexer; then
+ sudo journalctl --no-pager -u wazuh-indexer.service
+ exit 1
+ fi
+ - run: |
+ if ! sudo systemctl status --no-pager wazuh-indexer -n 100; then
+ sudo journalctl --no-pager -u wazuh-indexer.service
+ exit 1
+ fi
diff --git a/ecs/vulnerability-detector/event-generator/event_generator.py b/ecs/vulnerability-detector/event-generator/event_generator.py
index 24ecf744b8272..0ed75ec9600a1 100755
--- a/ecs/vulnerability-detector/event-generator/event_generator.py
+++ b/ecs/vulnerability-detector/event-generator/event_generator.py
@@ -176,6 +176,9 @@ def generate_random_wazuh():
 },
 'manager': {
 'name': f'wazuh-manager-{random.randint(0,10)}'
+ },
+ 'schema': {
+ 'version': '1.7.0'
 }
 }
 return wazuh
@@ -187,7 +190,7 @@ def generate_random_data(number):
 event_data = {
 '@timestamp': generate_random_date(),
 'agent': generate_random_agent(),
- 'ecs': {'version': '1.7.0'},
+ # 'ecs': {'version': '1.7.0'},
 # 'event': generate_random_event(),
 'host': generate_random_host(),
 # 'labels': generate_random_labels(),
diff --git a/ecs/vulnerability-detector/fields/custom/wazuh.yml b/ecs/vulnerability-detector/fields/custom/wazuh.yml
index abba5563e2c12..f7bcf4f897c07 100644
--- a/ecs/vulnerability-detector/fields/custom/wazuh.yml
+++ b/ecs/vulnerability-detector/fields/custom/wazuh.yml
@@ -18,4 +18,9 @@
 type: keyword
 level: custom
 description: >
- Wazuh manager name. Used by dashboards to filter results on single node deployments.
\ No newline at end of file
+ Wazuh manager name. Used by dashboards to filter results on single node deployments.
+ - name: schema.version
+ type: keyword
+ level: custom
+ description: >
+ Wazuh schema version.
\ No newline at end of file
diff --git a/ecs/vulnerability-detector/fields/subset.yml b/ecs/vulnerability-detector/fields/subset.yml
index 75e9d0b92686c..f5b0d60757794 100644
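Review bot: Both "Install package" steps in r_test.yml paste `${{ inputs.package }}` straight into the script text, so the value is expanded before the shell parses it; the caller builds that name partly from the `workflow_dispatch` input `inputs.revision`, and any shell metacharacters in it would be interpreted on the runner (under `sudo` in the deb job). In the deb job pass it through the environment instead: add `env:` / `PACKAGE: ${{ inputs.package }}` to the step and run `sudo dpkg -i "artifacts/dist/$PACKAGE"`; the `docker-run-action` step needs the same treatment, presumably by handing the variable to the container through `options`. The third-party action `addnab/docker-run-action@v3` and the image `redhat/ubi9:latest` are referenced by mutable tags and are better pinned to a commit SHA and an image digest, since both run with the downloaded package mounted. The comment `# Permissions to upload the package` sits above read-only `permissions:` blocks and looks copied from the upload workflow; `# Read-only: this job only downloads and installs the artifact` would match what is granted.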
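Review bot: In event_generator.py the new `wazuh.schema.version` gets the literal `'1.7.0'`, the same value the second hunk comments out as the ECS version, which suggests the number was carried over rather than chosen as the Wazuh schema version; confirm which version generated events should carry. A named module-level constant, e.g. `WAZUH_SCHEMA_VERSION = '1.7.0'`, would make that decision visible and keep it in one place. In `generate_random_data` the `'ecs'` entry should be deleted rather than left as `# 'ecs': {'version': '1.7.0'},`, since subset.yml and both template settings files drop the field in this same commit. Both function bodies extend outside their hunks.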
--- a/ecs/vulnerability-detector/fields/subset.yml
+++ b/ecs/vulnerability-detector/fields/subset.yml
@@ -8,8 +8,6 @@ fields:
 message: ""
 agent:
 fields: "*"
- ecs:
- fields: "*"
 package:
 fields: "*"
 host:
diff --git a/ecs/vulnerability-detector/fields/template-settings-legacy.json b/ecs/vulnerability-detector/fields/template-settings-legacy.json
index c85123eaf0a5f..205850de68e83 100644
--- a/ecs/vulnerability-detector/fields/template-settings-legacy.json
+++ b/ecs/vulnerability-detector/fields/template-settings-legacy.json
@@ -17,7 +17,6 @@
 "query.default_field": [
 "base.tags",
 "agent.id",
- "ecs.version",
 "host.os.family",
 "host.os.full.text",
 "host.os.version",
diff --git a/ecs/vulnerability-detector/fields/template-settings.json b/ecs/vulnerability-detector/fields/template-settings.json
index 89f03eed0284c..96fb7712bf3bb 100644
--- a/ecs/vulnerability-detector/fields/template-settings.json
+++ b/ecs/vulnerability-detector/fields/template-settings.json
@@ -18,7 +18,6 @@
 "query.default_field": [
 "base.tags",
 "agent.id",
- "ecs.version",
 "host.os.family",
 "host.os.full.text",
 "host.os.version",