wazuh/wazuh-ansible
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-ansible.git synced 2025-12-10 00:38:17 -06:00
Code Issues Packages Projects Releases 105 Wiki Activity

Resolve ansible-lint violations

Browse Source
This commit is contained in:
Jesus Garcia 2025-11-13 17:24:00 -05:00
parent fed047b297
commit ba11184968
No known key found for this signature in database
GPG Key ID: 8461CA78326C96C9
11 changed files with 21 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.github/playbooks/gather_agent_logs.yml vendored
View File

@ -18,7 +18,9 @@
block: block:
- name: Linux | Set required facts for logs gathering (1/2) - name: Linux | Set required facts for logs gathering (1/2)
ansible.builtin.set_fact: ansible.builtin.set_fact:
logs_prefix: "{{ ansible_facts.distribution }}_{{ ansible_facts.distribution_major_version }}_{{ ansible_facts.architecture }}_{{ inventory_hostname }}" logs_prefix: >-
{{ ansible_facts.distribution }}_{{ ansible_facts.distribution_major_version }}_{{
ansible_facts.architecture }}_{{ inventory_hostname }}
- name: Linux | Set required facts for logs gathering (2/2) - name: Linux | Set required facts for logs gathering (2/2)
ansible.builtin.set_fact: ansible.builtin.set_fact:
@ -57,6 +59,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.path }}" src: "{{ item.path }}"
dest: "{{ remote_logs_path }}/{{ logs_prefix }}_{{ item.path | basename }}" dest: "{{ remote_logs_path }}/{{ logs_prefix }}_{{ item.path | basename }}"
mode: '0644'
remote_src: true remote_src: true
loop: "{{ wazuh_agent_logs.files | default([]) }}" loop: "{{ wazuh_agent_logs.files | default([]) }}"
loop_control: loop_control:
@ -67,8 +70,8 @@
ansible.builtin.copy: ansible.builtin.copy:
src: /var/ossec/etc/ossec.conf src: /var/ossec/etc/ossec.conf
dest: "{{ remote_logs_path }}/{{ logs_prefix }}_ossec.conf" dest: "{{ remote_logs_path }}/{{ logs_prefix }}_ossec.conf"
remote_src: true
mode: '0644' mode: '0644'
remote_src: true
- name: Linux | Compress Wazuh logs - name: Linux | Compress Wazuh logs
block: block:
@ -79,7 +82,7 @@
format: gz format: gz
mode: '0644' mode: '0644'
rescue: rescue:
- name: Compress Wazuh logs (tar command) - name: Compress Wazuh logs (tar command) # noqa: command-instead-of-module
ansible.builtin.shell: | ansible.builtin.shell: |
tar -czf {{ remote_gathering_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} . tar -czf {{ remote_gathering_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} .
args: args:

6
.github/playbooks/gather_central_logs.yml vendored
View File

@ -68,8 +68,8 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.path }}" src: "{{ item.path }}"
dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_{{ item.path | basename }}" dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_{{ item.path | basename }}"
remote_src: true
mode: '0644' mode: '0644'
remote_src: true
loop: "{{ wi_indexer_logs.files | default([]) }}" loop: "{{ wi_indexer_logs.files | default([]) }}"
loop_control: loop_control:
label: "{{ item.path | basename }}" label: "{{ item.path | basename }}"
@ -79,8 +79,8 @@
ansible.builtin.copy: ansible.builtin.copy:
src: /etc/wazuh-indexer/opensearch.yml src: /etc/wazuh-indexer/opensearch.yml
dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_opensearch.yml" dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_opensearch.yml"
remote_src: true
mode: '0644' mode: '0644'
remote_src: true
- name: Wazuh Server - name: Wazuh Server
when: (single_node | bool) or inventory_hostname in ['manager', 'worker'] when: (single_node | bool) or inventory_hostname in ['manager', 'worker']
@ -147,7 +147,7 @@
format: gz format: gz
mode: '0644' mode: '0644'
rescue: rescue:
- name: Compress Wazuh logs (tar command) - name: Compress Wazuh logs (tar command) # noqa: command-instead-of-module
ansible.builtin.shell: | ansible.builtin.shell: |
tar -czf {{ remote_gathering_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} . tar -czf {{ remote_gathering_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} .
args: args:

4
.github/workflows/aio.yml vendored
View File

@ -601,8 +601,6 @@ jobs:
- name: Run ansible-lint - name: Run ansible-lint
uses: ansible/ansible-lint@v25 uses: ansible/ansible-lint@v25
with: with:
args: | args: "-v wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml"
-v
wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml
working_directory: "wazuh-ansible" working_directory: "wazuh-ansible"
requirements_file: "requirements.yml" requirements_file: "requirements.yml"

4
.github/workflows/distributed.yml vendored
View File

@ -655,8 +655,6 @@ jobs:
- name: Run ansible-lint - name: Run ansible-lint
uses: ansible/ansible-lint@v25 uses: ansible/ansible-lint@v25
with: with:
args: | args: "-v wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml"
-v
wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml
working_directory: "wazuh-ansible" working_directory: "wazuh-ansible"
requirements_file: "requirements.yml" requirements_file: "requirements.yml"

2
roles/wazuh-agent/tasks/Linux.yml
View File

@ -17,7 +17,7 @@
when: ansible_facts.os_family == "Debian" when: ansible_facts.os_family == "Debian"
- name: Linux CentOS/RedHat | Install wazuh-agent - name: Linux CentOS/RedHat | Install wazuh-agent
ansible.builtin.yum: ansible.builtin.dnf:
name: "{{ wazuh_agent_package_download_path }}/{{ wazuh_agent_package_name }}_{{ ansible_facts.architecture }}.rpm" name: "{{ wazuh_agent_package_download_path }}/{{ wazuh_agent_package_name }}_{{ ansible_facts.architecture }}.rpm"
state: present state: present
disable_gpg_check: true disable_gpg_check: true

2
roles/wazuh-agent/tasks/macOS.yml
View File

@ -44,6 +44,8 @@
block: block:
- name: MacOS | Install Wazuh agent using installer - name: MacOS | Install Wazuh agent using installer
ansible.builtin.command: "installer -pkg {{ wazuh_agent_package_download_path }}/{{ wazuh_agent_package_name }}.pkg -target /" ansible.builtin.command: "installer -pkg {{ wazuh_agent_package_download_path }}/{{ wazuh_agent_package_name }}.pkg -target /"
register: install_pkg
changed_when: install_pkg.rc == 0
- name: MacOS | Initialize Wazuh agent service (MacOS 10.10+) - name: MacOS | Initialize Wazuh agent service (MacOS 10.10+)
ansible.builtin.command: "launchctl bootstrap system /Library/LaunchDaemons/com.wazuh.agent.plist" ansible.builtin.command: "launchctl bootstrap system /Library/LaunchDaemons/com.wazuh.agent.plist"

2
roles/wazuh-dashboard/tasks/dependencies.yml
View File

@ -25,7 +25,7 @@
when: ansible_facts.os_family == 'RedHat' when: ansible_facts.os_family == 'RedHat'
block: block:
- name: RedHat/CentOS/Fedora | Install Dashboard dependencies - name: RedHat/CentOS/Fedora | Install Dashboard dependencies
ansible.builtin.yum: ansible.builtin.dnf:
name: "{{ packages }}" name: "{{ packages }}"
state: present state: present
update_cache: true update_cache: true

2
roles/wazuh-dashboard/tasks/main.yml
View File

@ -13,7 +13,7 @@
become: true become: true
- name: Linux CentOS/RedHat | Install wazuh-dashboard using yum - name: Linux CentOS/RedHat | Install wazuh-dashboard using yum
ansible.builtin.yum: ansible.builtin.dnf:
name: "{{ wazuh_dashboard_package_download_path }}/{{ wazuh_dashboard_package_name }}_{{ ansible_facts.architecture }}.rpm" name: "{{ wazuh_dashboard_package_download_path }}/{{ wazuh_dashboard_package_name }}_{{ ansible_facts.architecture }}.rpm"
state: present state: present
disable_gpg_check: true disable_gpg_check: true

4
roles/wazuh-indexer/tasks/dependencies.yml
View File

@ -10,7 +10,7 @@
when: ansible_facts.distribution == 'Amazon' when: ansible_facts.distribution == 'Amazon'
block: block:
- name: Amazon Linux | Install Amazon extras in Amazon Linux 2 - name: Amazon Linux | Install Amazon extras in Amazon Linux 2
ansible.builtin.yum: ansible.builtin.dnf:
name: amazon-linux-extras name: amazon-linux-extras
state: present state: present
when: when:
@ -34,7 +34,7 @@
when: ansible_facts.os_family == 'RedHat' when: ansible_facts.os_family == 'RedHat'
block: block:
- name: RedHat/CentOS/Fedora | Install Indexer dependencies - name: RedHat/CentOS/Fedora | Install Indexer dependencies
ansible.builtin.yum: ansible.builtin.dnf:
name: "{{ packages }}" name: "{{ packages }}"
vars: vars:
packages: packages:

2
roles/wazuh-indexer/tasks/main.yml
View File

@ -13,7 +13,7 @@
become: true become: true
- name: Linux CentOS/RedHat | Install wazuh-indexer using yum - name: Linux CentOS/RedHat | Install wazuh-indexer using yum
ansible.builtin.yum: ansible.builtin.dnf:
name: "{{ wazuh_indexer_package_download_path }}/{{ wazuh_indexer_package_name }}_{{ ansible_facts.architecture }}.rpm" name: "{{ wazuh_indexer_package_download_path }}/{{ wazuh_indexer_package_name }}_{{ ansible_facts.architecture }}.rpm"
state: present state: present
disable_gpg_check: true disable_gpg_check: true

3
roles/wazuh-server/tasks/main.yml
View File

@ -51,7 +51,7 @@
- ansible_facts.architecture == "aarch64" - ansible_facts.architecture == "aarch64"
- name: RedHat/CentOS/Fedora | Install wazuh-server package - name: RedHat/CentOS/Fedora | Install wazuh-server package
ansible.builtin.yum: ansible.builtin.dnf:
name: "{{ wazuh_server_package_download_path }}/{{ wazuh_server_package_name }}_{{ ansible_facts.architecture }}.rpm" name: "{{ wazuh_server_package_download_path }}/{{ wazuh_server_package_name }}_{{ ansible_facts.architecture }}.rpm"
state: present state: present
disable_gpg_check: true disable_gpg_check: true
@ -232,6 +232,7 @@
- name: Wazuh Server | Perform CLI healthcheck (worker) - name: Wazuh Server | Perform CLI healthcheck (worker)
ansible.builtin.command: /var/ossec/bin/cluster_control -l ansible.builtin.command: /var/ossec/bin/cluster_control -l
register: cluster_control_list register: cluster_control_list
changed_when: false
until: until:
- cluster_control_list.rc == 0 - cluster_control_list.rc == 0
- "'ERR' not in cluster_control_list.stdout" - "'ERR' not in cluster_control_list.stdout"