diff --git a/.github/playbooks/gather_agent_logs.yml b/.github/playbooks/gather_agent_logs.yml index 82533434..aef4a335 100644 --- a/.github/playbooks/gather_agent_logs.yml +++ b/.github/playbooks/gather_agent_logs.yml @@ -18,7 +18,9 @@ block: - name: Linux | Set required facts for logs gathering (1/2) ansible.builtin.set_fact: - logs_prefix: "{{ ansible_facts.distribution }}_{{ ansible_facts.distribution_major_version }}_{{ ansible_facts.architecture }}_{{ inventory_hostname }}" + logs_prefix: >- + {{ ansible_facts.distribution }}_{{ ansible_facts.distribution_major_version }}_{{ + ansible_facts.architecture }}_{{ inventory_hostname }} - name: Linux | Set required facts for logs gathering (2/2) ansible.builtin.set_fact: @@ -57,6 +59,7 @@ ansible.builtin.copy: src: "{{ item.path }}" dest: "{{ remote_logs_path }}/{{ logs_prefix }}_{{ item.path | basename }}" + mode: '0644' remote_src: true loop: "{{ wazuh_agent_logs.files | default([]) }}" loop_control: @@ -67,8 +70,8 @@ ansible.builtin.copy: src: /var/ossec/etc/ossec.conf dest: "{{ remote_logs_path }}/{{ logs_prefix }}_ossec.conf" - remote_src: true mode: '0644' + remote_src: true - name: Linux | Compress Wazuh logs block: @@ -79,7 +82,7 @@ format: gz mode: '0644' rescue: - - name: Compress Wazuh logs (tar command) + - name: Compress Wazuh logs (tar command) # noqa: command-instead-of-module ansible.builtin.shell: | tar -czf {{ remote_gathering_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} . args: diff --git a/.github/playbooks/gather_central_logs.yml b/.github/playbooks/gather_central_logs.yml index f5e223b3..cf39bc34 100644 --- a/.github/playbooks/gather_central_logs.yml +++ b/.github/playbooks/gather_central_logs.yml @@ -68,8 +68,8 @@ ansible.builtin.copy: src: "{{ item.path }}" dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_{{ item.path | basename }}" - remote_src: true mode: '0644' + remote_src: true loop: "{{ wi_indexer_logs.files | default([]) }}" loop_control: label: "{{ item.path | basename }}" @@ -79,8 +79,8 @@ ansible.builtin.copy: src: /etc/wazuh-indexer/opensearch.yml dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_opensearch.yml" - remote_src: true mode: '0644' + remote_src: true - name: Wazuh Server when: (single_node | bool) or inventory_hostname in ['manager', 'worker'] @@ -147,7 +147,7 @@ format: gz mode: '0644' rescue: - - name: Compress Wazuh logs (tar command) + - name: Compress Wazuh logs (tar command) # noqa: command-instead-of-module ansible.builtin.shell: | tar -czf {{ remote_gathering_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} . args: diff --git a/.github/workflows/aio.yml b/.github/workflows/aio.yml index 2b407d3d..077c27ed 100644 --- a/.github/workflows/aio.yml +++ b/.github/workflows/aio.yml @@ -601,8 +601,6 @@ jobs: - name: Run ansible-lint uses: ansible/ansible-lint@v25 with: - args: | - -v - wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml + args: "-v wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml" working_directory: "wazuh-ansible" requirements_file: "requirements.yml" diff --git a/.github/workflows/distributed.yml b/.github/workflows/distributed.yml index 1ed7f32e..008b26f4 100644 --- a/.github/workflows/distributed.yml +++ b/.github/workflows/distributed.yml @@ -655,8 +655,6 @@ jobs: - name: Run ansible-lint uses: ansible/ansible-lint@v25 with: - args: | - -v - wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml + args: "-v wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml" working_directory: "wazuh-ansible" requirements_file: "requirements.yml" diff --git a/roles/wazuh-agent/tasks/Linux.yml b/roles/wazuh-agent/tasks/Linux.yml index 11fefa63..5090897b 100644 --- a/roles/wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh-agent/tasks/Linux.yml @@ -17,7 +17,7 @@ when: ansible_facts.os_family == "Debian" - name: Linux CentOS/RedHat | Install wazuh-agent - ansible.builtin.yum: + ansible.builtin.dnf: name: "{{ wazuh_agent_package_download_path }}/{{ wazuh_agent_package_name }}_{{ ansible_facts.architecture }}.rpm" state: present disable_gpg_check: true diff --git a/roles/wazuh-agent/tasks/macOS.yml b/roles/wazuh-agent/tasks/macOS.yml index 48422c52..9a45188b 100644 --- a/roles/wazuh-agent/tasks/macOS.yml +++ b/roles/wazuh-agent/tasks/macOS.yml @@ -44,6 +44,8 @@ block: - name: MacOS | Install Wazuh agent using installer ansible.builtin.command: "installer -pkg {{ wazuh_agent_package_download_path }}/{{ wazuh_agent_package_name }}.pkg -target /" + register: install_pkg + changed_when: install_pkg.rc == 0 - name: MacOS | Initialize Wazuh agent service (MacOS 10.10+) ansible.builtin.command: "launchctl bootstrap system /Library/LaunchDaemons/com.wazuh.agent.plist" diff --git a/roles/wazuh-dashboard/tasks/dependencies.yml b/roles/wazuh-dashboard/tasks/dependencies.yml index f1f11d1e..ed029129 100644 --- a/roles/wazuh-dashboard/tasks/dependencies.yml +++ b/roles/wazuh-dashboard/tasks/dependencies.yml @@ -25,7 +25,7 @@ when: ansible_facts.os_family == 'RedHat' block: - name: RedHat/CentOS/Fedora | Install Dashboard dependencies - ansible.builtin.yum: + ansible.builtin.dnf: name: "{{ packages }}" state: present update_cache: true diff --git a/roles/wazuh-dashboard/tasks/main.yml b/roles/wazuh-dashboard/tasks/main.yml index 13144361..e6e72af2 100644 --- a/roles/wazuh-dashboard/tasks/main.yml +++ b/roles/wazuh-dashboard/tasks/main.yml @@ -13,7 +13,7 @@ become: true - name: Linux CentOS/RedHat | Install wazuh-dashboard using yum - ansible.builtin.yum: + ansible.builtin.dnf: name: "{{ wazuh_dashboard_package_download_path }}/{{ wazuh_dashboard_package_name }}_{{ ansible_facts.architecture }}.rpm" state: present disable_gpg_check: true diff --git a/roles/wazuh-indexer/tasks/dependencies.yml b/roles/wazuh-indexer/tasks/dependencies.yml index 746068aa..8292316c 100644 --- a/roles/wazuh-indexer/tasks/dependencies.yml +++ b/roles/wazuh-indexer/tasks/dependencies.yml @@ -10,7 +10,7 @@ when: ansible_facts.distribution == 'Amazon' block: - name: Amazon Linux | Install Amazon extras in Amazon Linux 2 - ansible.builtin.yum: + ansible.builtin.dnf: name: amazon-linux-extras state: present when: @@ -34,7 +34,7 @@ when: ansible_facts.os_family == 'RedHat' block: - name: RedHat/CentOS/Fedora | Install Indexer dependencies - ansible.builtin.yum: + ansible.builtin.dnf: name: "{{ packages }}" vars: packages: diff --git a/roles/wazuh-indexer/tasks/main.yml b/roles/wazuh-indexer/tasks/main.yml index 3543f219..2ca3e45b 100644 --- a/roles/wazuh-indexer/tasks/main.yml +++ b/roles/wazuh-indexer/tasks/main.yml @@ -13,7 +13,7 @@ become: true - name: Linux CentOS/RedHat | Install wazuh-indexer using yum - ansible.builtin.yum: + ansible.builtin.dnf: name: "{{ wazuh_indexer_package_download_path }}/{{ wazuh_indexer_package_name }}_{{ ansible_facts.architecture }}.rpm" state: present disable_gpg_check: true diff --git a/roles/wazuh-server/tasks/main.yml b/roles/wazuh-server/tasks/main.yml index 04fac0bd..18c23c89 100644 --- a/roles/wazuh-server/tasks/main.yml +++ b/roles/wazuh-server/tasks/main.yml @@ -51,7 +51,7 @@ - ansible_facts.architecture == "aarch64" - name: RedHat/CentOS/Fedora | Install wazuh-server package - ansible.builtin.yum: + ansible.builtin.dnf: name: "{{ wazuh_server_package_download_path }}/{{ wazuh_server_package_name }}_{{ ansible_facts.architecture }}.rpm" state: present disable_gpg_check: true @@ -232,6 +232,7 @@ - name: Wazuh Server | Perform CLI healthcheck (worker) ansible.builtin.command: /var/ossec/bin/cluster_control -l register: cluster_control_list + changed_when: false until: - cluster_control_list.rc == 0 - "'ERR' not in cluster_control_list.stdout"