Modify Wazuh image builder

2025-12-10 00:38:27 -06:00 · 2025-10-28 01:09:49 +07:00 · 2025-10-28 01:09:49 +07:00 · 184675bab5
commit 184675bab5
parent 53a5d1a7e4
15 changed files with 211 additions and 106 deletions
--- a/.github/workflows/Procedure_push_docker_images.yml
+++ b/.github/workflows/Procedure_push_docker_images.yml
@ -11,10 +11,6 @@ on:
      docker_reference:
        description: 'wazuh-docker reference'
        required: true
-      products:
-        description: 'Comma-separated list of the image names to build and push'
-        default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer,wazuh-agent'
-        required: true
      filebeat_module_version:
        description: 'Filebeat module version'
        default: '0.4'
@ -23,11 +19,10 @@ on:
        description: 'Package revision'
        default: '1'
        required: true
-      push_images:
-        description: 'Push images'
-        type: boolean
-        default: true
-        required: true
+      reference:
+        description: 'Dev reference'
+        type: string
+        default: latest 
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
@ -48,11 +43,6 @@ on:
        description: 'wazuh-docker reference'
        required: false
        type: string
-      products:
-        description: 'Comma-separated list of the image names to build and push'
-        default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer,wazuh-agent'
-        required: true
-        type: string
      filebeat_module_version:
        description: 'Filebeat module version'
        default: '0.4'
@ -63,11 +53,10 @@ on:
        default: '1'
        required: true
        type: string
-      push_images:
-        description: 'Push images'
-        type: boolean
-        default: true
-        required: true
+      reference:
+        description: 'Dev reference'
+        type: string
+        default: latest 
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
@ -82,6 +71,16 @@ jobs:
  build-and-push:
    runs-on: ubuntu-22.04

+    permissions:
+      id-token: write
+      contents: read
+
+    env:
+      IMAGE_REGISTRY: ${{ inputs.dev && vars.IMAGE_REGISTRY_DEV || vars.IMAGE_REGISTRY_PROD }}
+      IMAGE_TAG: ${{ inputs.image_tag }}
+      FILEBEAT_MODULE_VERSION: ${{ inputs.filebeat_module_version }}
+      REVISION: ${{ inputs.revision }}
+
    steps:
    - name: Print inputs
      run: |
@ -96,45 +95,97 @@ jobs:
        echo "* id: ${{ inputs.id }}"
        echo "* image_tag: ${{ inputs.image_tag }}"
        echo "* docker_reference: ${{ inputs.docker_reference }}"
-        echo "* products: ${{ inputs.products }}"
        echo "* filebeat_module_version: ${{ inputs.filebeat_module_version }}"
        echo "* revision: ${{ inputs.revision }}"
-        echo "* push_images: ${{ inputs.push_images }}"
        echo "* dev: ${{ inputs.dev }}"
+        echo "* dev reference: ${{ inputs.reference }}"
        echo "---------------------------------------------"

    - name: Checkout repository
      uses: actions/checkout@v4
      with:
        ref: ${{ inputs.docker_reference }}
+    
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v3
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Configure aws credentials
+      if: ${{ inputs.dev == true }}
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        role-to-assume: ${{ secrets.AWS_IAM_DOCKER_ROLE }}
+        aws-region: "${{ secrets.AWS_REGION }}"
+
+    - name: Log in to Amazon ECR
+      if: ${{ inputs.dev == true }}
+      uses: aws-actions/amazon-ecr-login@v2

    - name: Log in to Docker Hub
+      if: ${{ inputs.dev == false }}
      uses: docker/login-action@v3
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_PASSWORD }}

+    - name: Create packages-url.txt file
+      if : ${{ inputs.dev == true }}
+      run: |
+          cat << EOF > packages-url.txt
+          wazuh_manager_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1)
+          wazuh_manager_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1)
+          wazuh_manager_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1)
+          wazuh_manager_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1)
+          wazuh_indexer_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1)
+          wazuh_indexer_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1)
+          wazuh_indexer_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1)
+          wazuh_indexer_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1)
+          wazuh_dashboard_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1)
+          wazuh_dashboard_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1)
+          wazuh_dashboard_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1)
+          wazuh_dashboard_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1)
+          wazuh_agent_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1)
+          wazuh_agent_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1)
+          wazuh_agent_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1)
+          wazuh_agent_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1)
+          wazuh_agent_url_i386_msi: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 43200 --region us-west-1)
+          wazuh_agent_url_intel64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 43200 --region us-west-1)
+          wazuh_agent_url_arm64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 43200 --region us-west-1)
+          EOF
+          cat packages-url.txt
+      working-directory: ./build-docker-images
+
+    - name: Save packages_url.txt file created as artifact
+      if: ${{ inputs.dev == true }}
+      uses: actions/upload-artifact@v4
+      with:
+        name: packages_url.txt
+        path: /home/runner/work/wazuh-docker/wazuh-docker/build-docker-images/packages-url.txt
+        retention-days: 5
+
    - name: Build Wazuh images
      run: |
-        IMAGE_TAG=${{ inputs.image_tag }}
-        FILEBEAT_MODULE_VERSION=${{ inputs.filebeat_module_version }}
-        REVISION=${{ inputs.revision }}
-
-        if [[ "$IMAGE_TAG" == *"-"* ]]; then
-          IFS='-' read -r -a tokens <<< "$IMAGE_TAG"
-          if [ -z "${tokens[1]}" ]; then
-            echo "Invalid image tag: $IMAGE_TAG"
-            exit 1
+        if [ "${{ inputs.dev }}" = true ]; then
+          IMAGE_TAG="${{ inputs.image_tag }}-${{ inputs.reference }}"
+          ./build-images.sh -v ${{ inputs.image_tag }} -r $REVISION -d "dev" -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m -ref ${{ inputs.reference }}
+        else  
+          if [[ "$IMAGE_TAG" == *"-"* ]]; then
+            IFS='-' read -r -a tokens <<< "$IMAGE_TAG"
+            if [ -z "${tokens[1]}" ]; then
+              echo "Invalid image tag: $IMAGE_TAG"
+              exit 1
+            fi
+            DEV_STAGE=${tokens[1]}
+            WAZUH_VER=${tokens[0]}
+            ./build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m
+          else
+            ./build-images.sh -v $IMAGE_TAG -r $REVISION -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m
          fi
-          DEV_STAGE=${tokens[1]}
-          WAZUH_VER=${tokens[0]}
-          ./build-docker-images/build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION
-        else
-          ./build-docker-images/build-images.sh -v $IMAGE_TAG -r $REVISION -f $FILEBEAT_MODULE_VERSION
        fi
-
        # Save .env file (generated by build-images.sh) contents to $GITHUB_ENV
-        ENV_FILE_PATH=".env"
+        ENV_FILE_PATH="../.env"

        if [ -f $ENV_FILE_PATH ]; then
          while IFS= read -r line || [ -n "$line" ]; do
@ -144,16 +195,4 @@ jobs:
          echo "The environment file $ENV_FILE_PATH does not exist!"
          exit 1
        fi
-
-    - name: Tag and Push Wazuh images
-      if: ${{ inputs.push_images }}
-      run: |
-        IMAGE_TAG="${{ inputs.image_tag }}$( [ "${{ inputs.dev }}" == "true" ] && echo '-dev' || true )"
-        IMAGE_NAMES=${{ inputs.products }}
-        IFS=',' read -r -a images <<< "$IMAGE_NAMES"
-        for image in "${images[@]}"; do
-          echo "Tagging and pushing wazuh/$image:${WAZUH_VERSION} to wazuh/$image:$IMAGE_TAG"
-          docker tag wazuh/$image:${WAZUH_VERSION} wazuh/$image:$IMAGE_TAG
-          echo "Pushing wazuh/$image:$IMAGE_TAG ..."
-          docker push wazuh/$image:$IMAGE_TAG
-        done
+      working-directory: ./build-docker-images
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -28,7 +28,7 @@ All notable changes to this project will be documented in this file.

 ### Changed

- None
+- Wazuh cert tool generator improvements ([#2027](https://github.com/wazuh/wazuh-docker/pull/2027))

 ### Fixed

@ -46,6 +46,8 @@ All notable changes to this project will be documented in this file.

 ### Changed

+- Change filebeat install method ([#2020](https://github.com/wazuh/wazuh-docker/pull/2020))
+- Remove dashboard chat setting ([#2021](https://github.com/wazuh/wazuh-docker/pull/2021))
 - Rollback data source setting ([#1999](https://github.com/wazuh/wazuh-docker/pull/1999))
 - Dashboard settings added ([#1998](https://github.com/wazuh/wazuh-docker/pull/1998))
 - Add filebeat config file in the PERMANENT_DATA_EXCP list ([#1898](https://github.com/wazuh/wazuh-docker/pull/1898))
@ -53,6 +55,7 @@ All notable changes to this project will be documented in this file.

 ### Fixed

+- Change Wazuh indexer directory owner ([#2029](https://github.com/wazuh/wazuh-docker/pull/2029))
 - Double the amount of space consumed in Wazuh Indexer ([#1953](https://github.com/wazuh/wazuh-docker/pull/1953))
 - Fix config directory for opensearch_security plugin work ([#1951](https://github.com/wazuh/wazuh-docker/pull/1951))
 - Update Dockerfile to copy opensearch-security files ([#1928](https://github.com/wazuh/wazuh-docker/pull/1928))
--- a/build-docker-images/build-images.sh
+++ b/build-docker-images/build-images.sh
@ -15,6 +15,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
 WAZUH_IMAGE_VERSION="5.0.0"
 WAZUH_TAG_REVISION="1"
 WAZUH_DEV_STAGE=""
+WAZUH_TAG_REFERENCE=""
 FILEBEAT_MODULE_VERSION="0.4"

 # -----------------------------------------------------------------------------
@ -38,35 +39,65 @@ build() {

    WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')"
    FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}"
+    WAZUH_MINOR_VERSION="${WAZUH_IMAGE_VERSION%.*}"
    WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz"
    WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}"

-    if  [ "${WAZUH_DEV_STAGE}" ];then
-        FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}"
-        if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
-            echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
-            clean 1
-        fi
-    else
-        if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then
-            FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}"
-        elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
-            FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}"
+    if [ -z "${WAZUH_TAG_REFERENCE}" ]; then
+        if  [ "${WAZUH_DEV_STAGE}" ];then
+            FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}"
+            if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
+                echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
+                clean 1
+            fi
        else
-            echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
-            clean 1
+            if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then
+                FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}"
+            elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
+                FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}"
+            else
+                echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
+                clean 1
+            fi
        fi
    fi
+    # Variables
+    FILE="packages_url.txt"

-    echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env
-    echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> .env
-    echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> .env
-    echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> .env
-    echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> .env
-    echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env
+    if [[ -f "$FILE" ]]; then
+        echo "$FILE exists. Using existing file."
+    else
+        TAG="v${WAZUH_VERSION}"
+        REPO="wazuh/wazuh-docker"
+        GH_URL="https://api.github.com/repos/${REPO}/git/refs/tags/${TAG}"

-    docker compose -f build-docker-images/build-images.yml --env-file .env build --no-cache || clean 1
+        if curl -fsSL "$GH_URL" >/dev/null 2>&1; then
+            curl -fsSL -o "$FILE" "https://packages.wazuh.com/${WAZUH_MINOR_VERSION}/packages_url.txt"
+        else
+            curl -fsSL -o "$FILE" "https://packages-dev.wazuh.com/${WAZUH_MINOR_VERSION}/packages_url.txt"
+        fi
+    fi
+    sed -Ei 's/^([^:]+):[[:space:]]+(https?:\/\/.*)$/\1=\2/' $FILE
+    sed 's/[-.]/_/g' $FILE > packages_env.txt
+    
+    echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > ../.env
+    echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> ../.env
+    echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> ../.env
+    echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> ../.env
+    echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> ../.env
+    echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> ../.env
+    echo WAZUH_REGISTRY=$WAZUH_REGISTRY >> ../.env

+    set -a
+    source ../.env
+    source packages_env.txt
+    set +a
+
+    if  [ "${MULTIARCH}" ];then
+        docker buildx bake --file build-images.yml --push --set *.platform=linux/amd64,linux/arm64 --no-cache|| clean 1
+    else
+        docker buildx bake --file build-images.yml --no-cache|| clean 1
+    fi
    return 0
 }

@ -76,10 +107,13 @@ help() {
    echo
    echo "Usage: $0 [OPTIONS]"
    echo
-    echo "    -d, --dev <ref>              [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default."
+    echo "    -d, --dev <ref>              [Optional] Set the development stage you want to build, example rc2 or beta1, not used by default."
    echo "    -f, --filebeat-module <ref>  [Optional] Set Filebeat module version. By default ${FILEBEAT_MODULE_VERSION}."
    echo "    -r, --revision <rev>         [Optional] Package revision. By default ${WAZUH_TAG_REVISION}"
+    echo "    -ref, --reference <ref>      [Optional] Set the Wazuh reference to build development images. By default, the latest stable release."
+    echo "    -rg, --registry <reg>        [Optional] Set the Docker registry to push the images."
    echo "    -v, --version <ver>          [Optional] Set the Wazuh version should be builded. By default, ${WAZUH_IMAGE_VERSION}."
+    echo "    -m, --multiarch              [Optional] Enable multi-architecture builds."
    echo "    -h, --help                   Show this help."
    echo
    exit $1
@ -110,6 +144,10 @@ main() {
                help 1
            fi
            ;;
+        "-m"|"--multiarch")
+            MULTIARCH="true"
+                shift
+            ;;
        "-r"|"--revision")
            if [ -n "${2}" ]; then
                WAZUH_TAG_REVISION="${2}"
@ -118,6 +156,22 @@ main() {
                help 1
            fi
            ;;
+        "-ref"|"--reference")
+            if [ -n "${2}" ]; then
+                WAZUH_TAG_REFERENCE="${2}"
+                shift 2
+            else
+                help 1
+            fi
+            ;;
+        "-rg"|"--registry")
+            if [ -n "${2}" ]; then
+                WAZUH_REGISTRY="${2}"
+                shift 2
+            else
+                help 1
+            fi
+            ;;
        "-v"|"--version")
            if [ -n "$2" ]; then
                WAZUH_IMAGE_VERSION="$2"
--- a/build-docker-images/build-images.yml
+++ b/build-docker-images/build-images.yml
@ -8,7 +8,7 @@ services:
        WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
        FILEBEAT_TEMPLATE_BRANCH: ${FILEBEAT_TEMPLATE_BRANCH}
        WAZUH_FILEBEAT_MODULE: ${WAZUH_FILEBEAT_MODULE}
-    image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION}
+    image: ${WAZUH_REGISTRY}/wazuh/wazuh-manager:${IMAGE_TAG}
    hostname: wazuh.manager
    restart: always
    ports:
@ -38,7 +38,7 @@ services:
      args:
        WAZUH_VERSION: ${WAZUH_VERSION}
        WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
-    image: wazuh/wazuh-agent:${WAZUH_IMAGE_VERSION}
+    image: ${WAZUH_REGISTRY}/wazuh/wazuh-agent:${IMAGE_TAG}
    hostname: wazuh.agent
    restart: always

@ -48,7 +48,7 @@ services:
      args:
        WAZUH_VERSION: ${WAZUH_VERSION}
        WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
-    image: wazuh/wazuh-indexer:${WAZUH_IMAGE_VERSION}
+    image: ${WAZUH_REGISTRY}/wazuh/wazuh-indexer:${IMAGE_TAG}
    hostname: wazuh.indexer
    restart: always
    ports:
@ -70,7 +70,7 @@ services:
        WAZUH_VERSION: ${WAZUH_VERSION}
        WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
        WAZUH_UI_REVISION: ${WAZUH_UI_REVISION}
-    image: wazuh/wazuh-dashboard:${WAZUH_IMAGE_VERSION}
+    image: ${WAZUH_REGISTRY}/wazuh/wazuh-dashboard:${IMAGE_TAG}
    hostname: wazuh.dashboard
    restart: always
    ports:
--- a/build-docker-images/wazuh-indexer/Dockerfile
+++ b/build-docker-images/wazuh-indexer/Dockerfile
@ -62,9 +62,10 @@ COPY config/entrypoint.sh /

 COPY config/securityadmin.sh /

-RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh
-
-RUN chown 1000:1000 /*.sh
+RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh && \
+    mkdir -p /usr/share/wazuh-indexer && \
+    chown 1000:1000 /usr/share/wazuh-indexer && \
+    chown 1000:1000 /*.sh

 COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer
 COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer/config
--- a/build-docker-images/wazuh-manager/Dockerfile
+++ b/build-docker-images/wazuh-manager/Dockerfile
@ -8,6 +8,7 @@ ARG WAZUH_TAG_REVISION
 ARG FILEBEAT_TEMPLATE_BRANCH
 ARG FILEBEAT_CHANNEL=filebeat-oss
 ARG FILEBEAT_VERSION=7.10.2
+ARG FILEBEAT_REVISION=2
 ARG WAZUH_FILEBEAT_MODULE
 ARG S6_VERSION="v2.2.0.3"

--- a/build-docker-images/wazuh-manager/config/filebeat_module.sh
+++ b/build-docker-images/wazuh-manager/config/filebeat_module.sh
@ -7,6 +7,5 @@ if [[ -n "${WAZUH_TAG}" ]]; then
  REPOSITORY="packages.wazuh.com/5.x"
 fi

-curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\
-yum install -y ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && \
+yum install filebeat-${FILEBEAT_VERSION}-${FILEBEAT_REVISION} -y && \
 curl -s https://${REPOSITORY}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module
--- a/docs/dev/build-image.md
+++ b/docs/dev/build-image.md
@ -23,7 +23,7 @@ $ build-docker-images/build-images.sh -h

 Usage: build-docker-images/build-images.sh [OPTIONS]

-    -d, --dev <ref>              [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default.
+    -d, --dev <ref>              [Optional] Set the development stage you want to build, example rc2 or beta1, not used by default.
    -f, --filebeat-module <ref>  [Optional] Set Filebeat module version. By default 0.4.
    -r, --revision <rev>         [Optional] Package revision. By default 1
    -v, --version <ver>          [Optional] Set the Wazuh version should be builded. By default, 5.0.0.
--- a/indexer-certs-creator/Dockerfile
+++ b/indexer-certs-creator/Dockerfile
@ -1,7 +1,7 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
-FROM ubuntu:focal
+FROM amazonlinux:2023

-RUN apt-get update && apt-get install openssl curl -y
+RUN yum update -y && yum install openssl curl-minimal -y

 WORKDIR /

--- a/indexer-certs-creator/README.md
+++ b/indexer-certs-creator/README.md
@ -5,5 +5,5 @@ The dockerfile hosted in this directory is used to build the image used to boot
 To create the image, the following command must be executed:

 ```
-$ docker build -t wazuh/wazuh-certs-generator:0.0.2 .
+$ docker build -t wazuh/wazuh-certs-generator:0.0.3 .
 ```
--- a/indexer-certs-creator/config/entrypoint.sh
+++ b/indexer-certs-creator/config/entrypoint.sh
@ -8,29 +8,35 @@
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/5.0/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/5.0/
+PACKAGES_URL=https://packages.wazuh.com/$CERT_TOOL_VERSION/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/$CERT_TOOL_VERSION/

-## Check if the cert tool exists in S3 buckets
-CERT_TOOL_PACKAGES=$(curl --silent --head --location --output /dev/null --write-out "%{http_code}" "$PACKAGES_URL$CERT_TOOL")
-CERT_TOOL_PACKAGES_DEV=$(curl --silent --head --location --output /dev/null --write-out "%{http_code}" "$PACKAGES_DEV_URL$CERT_TOOL")
+OUTPUT_FILE="/$CERT_TOOL"

-## If cert tool exists in some bucket, download it, if not exit 1
-if [ "$CERT_TOOL_PACKAGES" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s
-  echo "The tool to create the certificates exists in the in Packages bucket"
-elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s
-  echo "The tool to create the certificates exists in Packages-dev bucket"
+download_package() {
+    local url=$1
+    echo "Checking $url$CERT_TOOL ..."
+    if curl -fsL "$url$CERT_TOOL" -o "$OUTPUT_FILE"; then
+        echo "Downloaded $CERT_TOOL from $url"
+        return 0
+    else
+        return 1
+    fi
+}
+
+# Try first the prod URL, if it fails try the dev URL
+if download_package "$PACKAGES_URL"; then
+    :
+elif download_package "$PACKAGES_DEV_URL"; then
+    :
 else
-  echo "The tool to create the certificates does not exist in any bucket"
-  echo "ERROR: certificates were not created"
-  exit 1
+    echo "The tool to create the certificates does not exist in any bucket"
+    echo "ERROR: certificates were not created"
+    exit 1
 fi

 cp /config/certs.yml /config.yml
-
-chmod 700 /$CERT_TOOL
+chmod 700 "$OUTPUT_FILE"

 ##############################################################################
 # Creating Cluster certificates
--- a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml
+++ b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml
@ -14,4 +14,3 @@ uiSettings.overrides.defaultRoute: /app/wz-home
 opensearch_security.cookie.ttl: 900000
 opensearch_security.session.ttl: 900000
 opensearch_security.session.keepalive: true
-assistant.chat.enabled: true
--- a/multi-node/generate-indexer-certs.yml
+++ b/multi-node/generate-indexer-certs.yml
@ -1,8 +1,10 @@
 # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 services:
  generator:
-    image: wazuh/wazuh-certs-generator:0.0.2
+    image: wazuh/wazuh-certs-generator:0.0.3
    hostname: wazuh-certs-generator
+    environment:
+      - CERT_TOOL_VERSION=4.14
    volumes:
      - ./config/wazuh_indexer_ssl_certs/:/certificates/
      - ./config/certs.yml:/config/certs.yml
--- a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml
+++ b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml
@ -14,4 +14,3 @@ uiSettings.overrides.defaultRoute: /app/wz-home
 opensearch_security.cookie.ttl: 900000
 opensearch_security.session.ttl: 900000
 opensearch_security.session.keepalive: true
-assistant.chat.enabled: true
--- a/single-node/generate-indexer-certs.yml
+++ b/single-node/generate-indexer-certs.yml
@ -1,8 +1,10 @@
 # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 services:
  generator:
-    image: wazuh/wazuh-certs-generator:0.0.2
+    image: wazuh/wazuh-certs-generator:0.0.3
    hostname: wazuh-certs-generator
+    environment:
+      - CERT_TOOL_VERSION=4.14
    volumes:
      - ./config/wazuh_indexer_ssl_certs/:/certificates/
      - ./config/certs.yml:/config/certs.yml