From 02de528417b9c5a64953ef8a52eb31edcae2316f Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 13 May 2025 14:54:48 -0300 Subject: [PATCH 01/29] Bump 5.0.0 version --- .env | 6 +++--- .github/.goss.yaml | 2 +- .../Procedure_push_docker_images.yml | 4 ++-- CHANGELOG.md | 19 +++++++++++++++++++ VERSION.json | 2 +- build-docker-images/README.md | 4 ++-- build-docker-images/build-images.sh | 4 ++-- .../config/check_repository.sh | 2 +- .../wazuh-dashboard/config/config.sh | 4 ++-- .../wazuh-indexer/config/check_repository.sh | 2 +- .../wazuh-indexer/config/config.sh | 4 ++-- .../wazuh-manager/config/check_repository.sh | 2 +- .../wazuh-manager/config/filebeat_module.sh | 2 +- indexer-certs-creator/config/entrypoint.sh | 4 ++-- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 16 files changed, 49 insertions(+), 30 deletions(-) diff --git a/.env b/.env index 7af5f540..c2d4e554 100755 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ -WAZUH_VERSION=4.13.0 -WAZUH_IMAGE_VERSION=4.13.0 +WAZUH_VERSION=5.0.0 +WAZUH_IMAGE_VERSION=5.0.0 WAZUH_TAG_REVISION=1 -FILEBEAT_TEMPLATE_BRANCH=4.13.0 +FILEBEAT_TEMPLATE_BRANCH=5.0.0 WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz WAZUH_UI_REVISION=1 diff --git a/.github/.goss.yaml b/.github/.goss.yaml index fcdc65e2..85c33160 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.13.0 + - 5.0.0 port: tcp:1514: listening: true diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index eccff387..e1e99565 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -6,7 +6,7 @@ on: inputs: image_tag: description: 'Docker image tag' - default: '4.13.0' + default: '5.0.0' required: true docker_reference: description: 'wazuh-docker reference' @@ -41,7 +41,7 @@ on: inputs: image_tag: description: 'Docker image tag' - default: '4.13.0' + default: '5.0.0' required: true type: string docker_reference: diff --git a/CHANGELOG.md b/CHANGELOG.md index 57053b88..74b95602 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,25 @@ # Change Log All notable changes to this project will be documented in this file. +## [5.0.0] + +### Added + +- None + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + + ## [4.13.0] ### Added diff --git a/VERSION.json b/VERSION.json index dfee93c3..93df817f 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1,4 +1,4 @@ { - "version": "4.13.0", + "version": "5.0.0", "stage": "alpha0" } diff --git a/build-docker-images/README.md b/build-docker-images/README.md index a10e1e9b..11fde42c 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.13.0 +$ build-docker-images/build-images.sh -v 5.0.0 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.13.0. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 5.0.0. -h, --help Show this help. ``` \ No newline at end of file diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 7d2e9948..287f1351 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -1,4 +1,4 @@ -WAZUH_IMAGE_VERSION=4.13.0 +WAZUH_IMAGE_VERSION=5.0.0 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g') WAZUH_TAG_REVISION=1 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') @@ -12,7 +12,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} # License (version 2) as published by the FSF - Free Software # Foundation. -WAZUH_IMAGE_VERSION="4.13.0" +WAZUH_IMAGE_VERSION="5.0.0" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" FILEBEAT_MODULE_VERSION="0.4" diff --git a/build-docker-images/wazuh-dashboard/config/check_repository.sh b/build-docker-images/wazuh-dashboard/config/check_repository.sh index e49e69c2..3defb44e 100644 --- a/build-docker-images/wazuh-dashboard/config/check_repository.sh +++ b/build-docker-images/wazuh-dashboard/config/check_repository.sh @@ -8,7 +8,7 @@ WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags if [[ -n "${WAZUH_TAG}" ]]; then APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1" fi rpm --import "${APT_KEY}" diff --git a/build-docker-images/wazuh-dashboard/config/config.sh b/build-docker-images/wazuh-dashboard/config/config.sh index 92dc9c2e..b2cbfea4 100644 --- a/build-docker-images/wazuh-dashboard/config/config.sh +++ b/build-docker-images/wazuh-dashboard/config/config.sh @@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config ## Variables CERT_TOOL=wazuh-certs-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.13/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/ +PACKAGES_URL=https://packages.wazuh.com/5.0/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/5.0/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/build-docker-images/wazuh-indexer/config/check_repository.sh b/build-docker-images/wazuh-indexer/config/check_repository.sh index e49e69c2..3defb44e 100644 --- a/build-docker-images/wazuh-indexer/config/check_repository.sh +++ b/build-docker-images/wazuh-indexer/config/check_repository.sh @@ -8,7 +8,7 @@ WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags if [[ -n "${WAZUH_TAG}" ]]; then APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1" fi rpm --import "${APT_KEY}" diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 94d55d43..29a09b73 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -22,8 +22,8 @@ export REPO_DIR=/unattended_installer ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.13/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/ +PACKAGES_URL=https://packages.wazuh.com/5.0/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/5.0/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/build-docker-images/wazuh-manager/config/check_repository.sh b/build-docker-images/wazuh-manager/config/check_repository.sh index e49e69c2..3defb44e 100644 --- a/build-docker-images/wazuh-manager/config/check_repository.sh +++ b/build-docker-images/wazuh-manager/config/check_repository.sh @@ -8,7 +8,7 @@ WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags if [[ -n "${WAZUH_TAG}" ]]; then APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1" fi rpm --import "${APT_KEY}" diff --git a/build-docker-images/wazuh-manager/config/filebeat_module.sh b/build-docker-images/wazuh-manager/config/filebeat_module.sh index 5357255d..9926c6c1 100644 --- a/build-docker-images/wazuh-manager/config/filebeat_module.sh +++ b/build-docker-images/wazuh-manager/config/filebeat_module.sh @@ -4,7 +4,7 @@ WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags ## check tag to use the correct repository if [[ -n "${WAZUH_TAG}" ]]; then - REPOSITORY="packages.wazuh.com/4.x" + REPOSITORY="packages.wazuh.com/5.x" fi curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index f9529b89..75861833 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -8,8 +8,8 @@ ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.13/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/ +PACKAGES_URL=https://packages.wazuh.com/5.0/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/5.0/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index bff74cfd..f7be620a 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.13.0 + image: wazuh/wazuh-manager:5.0.0 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.13.0 + image: wazuh/wazuh-manager:5.0.0 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.13.0 + image: wazuh/wazuh-indexer:5.0.0 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.13.0 + image: wazuh/wazuh-indexer:5.0.0 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.13.0 + image: wazuh/wazuh-indexer:5.0.0 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.13.0 + image: wazuh/wazuh-dashboard:5.0.0 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 18befd60..6ae87391 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.13.0 + image: wazuh/wazuh-manager:5.0.0 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.13.0 + image: wazuh/wazuh-indexer:5.0.0 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.13.0 + image: wazuh/wazuh-dashboard:5.0.0 hostname: wazuh.dashboard restart: always ports: From cd69030b165d4d89b97aa03d18024b297f960571 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 29 May 2025 09:30:11 -0300 Subject: [PATCH 02/29] Remove 4.12.2 references from 4.14.0 branch --- CHANGELOG.md | 26 ++++---------------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c7d83dd6..4f00fb74 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,6 +42,10 @@ All notable changes to this project will be documented in this file. ### Added - Added repository_bumper script. ([#1781](https://github.com/wazuh/wazuh-docker/pull/1781)) +- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) +- Add technical documentation ([#1822](https://github.com/wazuh/wazuh-docker/pull/1822)) +- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) +- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) ### Changed @@ -56,28 +60,6 @@ All notable changes to this project will be documented in this file. - Remove default docker reference version from workflow ([#1761](https://github.com/wazuh/wazuh-docker/pull/1761)) - Remove 'stable' branch ocurrencies ([#1757](https://github.com/wazuh/wazuh-docker/pull/1757)) -## [4.12.2] - -### Added - -- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) -- Add technical documentation ([#1822](https://github.com/wazuh/wazuh-docker/pull/1822)) -- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) -- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) - -### Changed - -- None - -### Fixed - -- None - -### Deleted - -- None - - ## [4.12.1] ### Added From f1a3a48c1ab19c9192b3eeab7d2f4818acf89235 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 30 May 2025 11:18:10 -0300 Subject: [PATCH 03/29] Bump 5.0.0 technical documentation --- README.md | 2 +- docs/dev/build-image.md | 4 ++-- docs/dev/introduction.md | 2 +- docs/dev/setup.md | 6 +++--- docs/ref/Introduction/description.md | 6 +++--- docs/ref/Introduction/introduction.md | 4 ++-- docs/ref/configuration/configuration-files.md | 2 +- docs/ref/configuration/configuration.md | 2 +- docs/ref/getting-started/deployment/deployment.md | 6 +++--- docs/ref/getting-started/getting-started.md | 6 +++--- docs/ref/getting-started/requirements.md | 2 +- docs/ref/glossary.md | 6 +++--- wazuh-agent/docker-compose.yml | 2 +- 13 files changed, 25 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 18e3a596..bcd5f817 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ The `wazuh/wazuh-docker` repository provides resources to deploy the Wazuh cyber ## Branch Convention - `main`: Developing and testing of new features. -- `X.Y.Z`: Version-specific branches (e.g., `4.12.2`, `4.11.0`, etc.). +- `X.Y.Z`: Version-specific branches (e.g., `5.0.0`, `4.14.0`, etc.). ## Documentation diff --git a/docs/dev/build-image.md b/docs/dev/build-image.md index 58a7c734..11fde42c 100644 --- a/docs/dev/build-image.md +++ b/docs/dev/build-image.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.12.2 +$ build-docker-images/build-images.sh -v 5.0.0 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.12.2. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 5.0.0. -h, --help Show this help. ``` \ No newline at end of file diff --git a/docs/dev/introduction.md b/docs/dev/introduction.md index 56e13df2..bb0f0850 100644 --- a/docs/dev/introduction.md +++ b/docs/dev/introduction.md @@ -1,6 +1,6 @@ # Development Guide - Introduction -Welcome to the Development Guide for Wazuh-docker version 4.12.2. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. +Welcome to the Development Guide for Wazuh-docker version 5.0.0 This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. ## Purpose of This Guide diff --git a/docs/dev/setup.md b/docs/dev/setup.md index 3c9d37d5..3456bd24 100644 --- a/docs/dev/setup.md +++ b/docs/dev/setup.md @@ -1,6 +1,6 @@ # Development Guide - Setup Environment -This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.12.2). A proper setup is crucial for building images, running tests, and contributing effectively. +This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 5.0.0). A proper setup is crucial for building images, running tests, and contributing effectively. ## Prerequisites @@ -26,12 +26,12 @@ Before you begin, ensure your system meets the following requirements: Follow these steps to prepare your development environment: 1. **Clone the Repository**: - Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.12.2`. + Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `5.0.0`. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout 4.12.2 + git checkout v5.0.0 ``` 2. **Verify Docker Installation**: diff --git a/docs/ref/Introduction/description.md b/docs/ref/Introduction/description.md index 917fbfe1..6679997f 100644 --- a/docs/ref/Introduction/description.md +++ b/docs/ref/Introduction/description.md @@ -1,6 +1,6 @@ # Reference Manual - Description -This section provides a detailed description of Wazuh-docker (version 4.12.2), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. +This section provides a detailed description of Wazuh-docker (version 5.0.0), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. ## What is Wazuh? @@ -18,7 +18,7 @@ Wazuh-docker is a project that provides Docker images and `docker compose` confi ## Core Components in Wazuh-Docker -The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.12.2: +The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 5.0.0: 1. **Wazuh Manager**: - The central component that collects and analyzes data from deployed Wazuh agents. @@ -28,7 +28,7 @@ The Wazuh-Docker project typically provides images for the following core Wazuh 2. **Wazuh Indexer**: - A highly scalable, full-text search and analytics engine. - Based on OpenSearch (or historically Elasticsearch), it stores and indexes alerts and monitoring data generated by the Wazuh manager. - - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.12.2, this is typically an OpenSearch-based component. + - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 5.0.0, this is typically an OpenSearch-based component. 3. **Wazuh Dashboard**: - A flexible visualization tool based on OpenSearch Dashboards (or historically Kibana). diff --git a/docs/ref/Introduction/introduction.md b/docs/ref/Introduction/introduction.md index 486322e4..f0ea1b10 100644 --- a/docs/ref/Introduction/introduction.md +++ b/docs/ref/Introduction/introduction.md @@ -1,6 +1,6 @@ # Reference Manual - Introduction -Welcome to the Reference Manual for Wazuh-Docker, version 4.12.2. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. +Welcome to the Reference Manual for Wazuh-Docker, version 5.0.0. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. ## Purpose of This Manual @@ -44,4 +44,4 @@ This manual is structured to help you find information efficiently: - If you need to customize your deployment, refer to the [Configuration](configuration/configuration.md) section. - For specific terms or concepts, consult the [Glossary](glossary.md). -This manual refers to version 4.12.2 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. +This manual refers to version 5.0.0 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. diff --git a/docs/ref/configuration/configuration-files.md b/docs/ref/configuration/configuration-files.md index 4689286f..d733cfdd 100644 --- a/docs/ref/configuration/configuration-files.md +++ b/docs/ref/configuration/configuration-files.md @@ -29,4 +29,4 @@ ``` -Consult the official Wazuh documentation for version 4.12.2 for detailed information on all possible configuration parameters for each component. \ No newline at end of file +Consult the official Wazuh documentation for version 5.0.0 for detailed information on all possible configuration parameters for each component. \ No newline at end of file diff --git a/docs/ref/configuration/configuration.md b/docs/ref/configuration/configuration.md index dba9730e..636884d7 100644 --- a/docs/ref/configuration/configuration.md +++ b/docs/ref/configuration/configuration.md @@ -1,6 +1,6 @@ # Reference Manual - Configuration -This section details how to configure your Wazuh-Docker deployment (version 4.12.2). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. +This section details how to configure your Wazuh-Docker deployment (version 5.0.0). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. ## Overview of Configuration Methods diff --git a/docs/ref/getting-started/deployment/deployment.md b/docs/ref/getting-started/deployment/deployment.md index c5d3e43f..48360ef6 100644 --- a/docs/ref/getting-started/deployment/deployment.md +++ b/docs/ref/getting-started/deployment/deployment.md @@ -1,6 +1,6 @@ # Reference Manual - Deployment -This section provides detailed instructions for deploying Wazuh-Docker (version 4.12.2) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. +This section provides detailed instructions for deploying Wazuh-Docker (version 5.0.0) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. ## Overview of Deployment Options @@ -24,11 +24,11 @@ Ensure you have: - Met all the [System Requirements](ref/getting-started/requirements.md). - Installed Docker and Docker Compose on your host(s). -- Cloned the `wazuh-docker` repository (version `4.12.2`) or downloaded the necessary deployment files. +- Cloned the `wazuh-docker` repository (version `5.0.0`) or downloaded the necessary deployment files. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.12.2 + git checkout v5.0.0 ``` - Made a backup of any existing Wazuh data if you are migrating or upgrading. diff --git a/docs/ref/getting-started/getting-started.md b/docs/ref/getting-started/getting-started.md index 4744e477..677a16ef 100644 --- a/docs/ref/getting-started/getting-started.md +++ b/docs/ref/getting-started/getting-started.md @@ -1,6 +1,6 @@ # Reference Manual - Getting Started -This section guides you through the initial steps to get your Wazuh-docker (version 4.12.2) environment up and running. We will cover the prerequisites and point you to the deployment instructions. +This section guides you through the initial steps to get your Wazuh-docker (version 5.0.0) environment up and running. We will cover the prerequisites and point you to the deployment instructions. ## Overview @@ -27,11 +27,11 @@ Before diving into the deployment, please ensure you have reviewed: Verify that your host system has sufficient RAM, CPU, and disk space. Ensure Docker and Docker Compose are installed and functioning correctly. 2. **Obtain Wazuh-docker Configuration**: - You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.12.2. + You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 5.0.0. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.12.2 + git checkout v5.0.0 # Navigate to the specific docker-compose directory, e.g., single-node or multi-node # cd docker-compose/single-node/ (example path) ``` diff --git a/docs/ref/getting-started/requirements.md b/docs/ref/getting-started/requirements.md index 180a315f..407cc557 100644 --- a/docs/ref/getting-started/requirements.md +++ b/docs/ref/getting-started/requirements.md @@ -1,6 +1,6 @@ # Reference Manual - Requirements -Before deploying Wazuh-Docker (version 4.12.2), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. +Before deploying Wazuh-Docker (version 5.0.0), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. ## Host System Requirements diff --git a/docs/ref/glossary.md b/docs/ref/glossary.md index fb3e6445..c716700b 100644 --- a/docs/ref/glossary.md +++ b/docs/ref/glossary.md @@ -1,6 +1,6 @@ # Reference Manual - Glossary -This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.12.2). +This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 5.0.0). --- @@ -22,7 +22,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **D** -- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.12.2, this is typically OpenSearch Dashboards. +- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 5.0.0, this is typically OpenSearch Dashboards. - **Decoder**: A component in the Wazuh Manager that parses and extracts relevant information (fields) from raw log messages or event data. - **Docker**: An open platform for developing, shipping, and running applications inside containers. - **Docker Compose**: A tool for defining and running multi-container Docker applications. It uses a YAML file (`docker-compose.yml`) to configure the application's services, networks, and volumes. @@ -42,7 +42,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **I** -- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.12.2, this is typically OpenSearch. +- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 5.0.0, this is typically OpenSearch. **L** diff --git a/wazuh-agent/docker-compose.yml b/wazuh-agent/docker-compose.yml index 3912908f..150c17e6 100644 --- a/wazuh-agent/docker-compose.yml +++ b/wazuh-agent/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.agent: - image: wazuh/wazuh-agent:4.12.1 + image: wazuh/wazuh-agent:5.0.0 restart: always environment: - WAZUH_MANAGER_SERVER= From 184802c3b9c9251e755b960bfa3d1ff549f57067 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Mon, 23 Jun 2025 13:29:39 -0300 Subject: [PATCH 04/29] Fix Opensearch deprecated settings --- build-docker-images/wazuh-indexer/config/opensearch.yml | 1 - multi-node/config/wazuh_dashboard/opensearch_dashboards.yml | 2 +- multi-node/config/wazuh_indexer/wazuh1.indexer.yml | 3 +-- multi-node/config/wazuh_indexer/wazuh2.indexer.yml | 3 +-- multi-node/config/wazuh_indexer/wazuh3.indexer.yml | 3 +-- single-node/config/wazuh_dashboard/opensearch_dashboards.yml | 2 +- single-node/config/wazuh_indexer/wazuh.indexer.yml | 1 - 7 files changed, 5 insertions(+), 10 deletions(-) diff --git a/build-docker-images/wazuh-indexer/config/opensearch.yml b/build-docker-images/wazuh-indexer/config/opensearch.yml index 1f0a78b3..68cb7a12 100644 --- a/build-docker-images/wazuh-indexer/config/opensearch.yml +++ b/build-docker-images/wazuh-indexer/config/opensearch.yml @@ -3,7 +3,6 @@ node.name: "wazuh.indexer" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node -compatibility.override_main_response_version: true plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem diff --git a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml index 3a53c3f8..3660ad91 100644 --- a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml +++ b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml @@ -2,7 +2,7 @@ server.host: 0.0.0.0 server.port: 5601 opensearch.hosts: https://wazuh1.indexer:9200 opensearch.ssl.verificationMode: certificate -opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] +opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true diff --git a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml index 59cbe9bf..81fadff6 100644 --- a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml @@ -1,6 +1,6 @@ network.host: wazuh1.indexer node.name: wazuh1.indexer -cluster.initial_master_nodes: +cluster.initial_cluster_manager_nodes: - wazuh1.indexer - wazuh2.indexer - wazuh3.indexer @@ -35,4 +35,3 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -compatibility.override_main_response_version: true diff --git a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml index 478ed1d0..47427bd9 100644 --- a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml @@ -1,6 +1,6 @@ network.host: wazuh2.indexer node.name: wazuh2.indexer -cluster.initial_master_nodes: +cluster.initial_cluster_manager_nodes: - wazuh1.indexer - wazuh2.indexer - wazuh3.indexer @@ -35,4 +35,3 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -compatibility.override_main_response_version: true \ No newline at end of file diff --git a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml index 8caa513d..0efb8308 100644 --- a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml @@ -1,6 +1,6 @@ network.host: wazuh3.indexer node.name: wazuh3.indexer -cluster.initial_master_nodes: +cluster.initial_cluster_manager_nodes: - wazuh1.indexer - wazuh2.indexer - wazuh3.indexer @@ -35,4 +35,3 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -compatibility.override_main_response_version: true \ No newline at end of file diff --git a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml index ccaec070..c10f123f 100644 --- a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml +++ b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml @@ -2,7 +2,7 @@ server.host: 0.0.0.0 server.port: 5601 opensearch.hosts: https://wazuh.indexer:9200 opensearch.ssl.verificationMode: certificate -opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] +opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true diff --git a/single-node/config/wazuh_indexer/wazuh.indexer.yml b/single-node/config/wazuh_indexer/wazuh.indexer.yml index 84c3dbf9..eb98cfef 100644 --- a/single-node/config/wazuh_indexer/wazuh.indexer.yml +++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml @@ -5,7 +5,6 @@ path.logs: /var/log/wazuh-indexer discovery.type: single-node http.port: 9200-9299 transport.tcp.port: 9300-9399 -compatibility.override_main_response_version: true plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem From f7cbdd488453fe368fe662db04778be8ccc2ca96 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Mon, 23 Jun 2025 13:33:22 -0300 Subject: [PATCH 05/29] Update CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index df67c7e3..098d4332 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed -- None +- Fix OpenSearch deprecated settings [#1366](https://github.com/wazuh/wazuh-puppet/issues/1366) ### Fixed From de11f97bf086c663d966f93fee63cf5d99262581 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Mon, 23 Jun 2025 13:41:56 -0300 Subject: [PATCH 06/29] Update CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 098d4332..073e9f8f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed -- Fix OpenSearch deprecated settings [#1366](https://github.com/wazuh/wazuh-puppet/issues/1366) +- Fix OpenSearch deprecated settings ([#1366](https://github.com/wazuh/wazuh-puppet/issues/1366)) ### Fixed From 846ae52263ec16fdeedbd4875da856d2050bf015 Mon Sep 17 00:00:00 2001 From: wazuhci <22834044+wazuhci@users.noreply.github.com> Date: Tue, 29 Jul 2025 16:11:09 +0000 Subject: [PATCH 07/29] feat: bump 4.14.1 --- .env | 6 +++--- .github/.goss.yaml | 2 +- .../workflows/Procedure_push_docker_images.yml | 4 ++-- CHANGELOG.md | 18 ++++++++++++++++++ README.md | 2 +- VERSION.json | 2 +- build-docker-images/README.md | 4 ++-- build-docker-images/build-images.sh | 4 ++-- docs/dev/build-image.md | 4 ++-- docs/dev/introduction.md | 2 +- docs/dev/setup.md | 6 +++--- docs/ref/Introduction/description.md | 6 +++--- docs/ref/Introduction/introduction.md | 4 ++-- docs/ref/configuration/configuration-files.md | 2 +- docs/ref/configuration/configuration.md | 2 +- .../getting-started/deployment/deployment.md | 6 +++--- docs/ref/getting-started/getting-started.md | 6 +++--- docs/ref/getting-started/requirements.md | 2 +- docs/ref/glossary.md | 6 +++--- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- wazuh-agent/docker-compose.yml | 2 +- 22 files changed, 63 insertions(+), 45 deletions(-) diff --git a/.env b/.env index e2c2fa20..3c0869ae 100755 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ -WAZUH_VERSION=4.14.0 -WAZUH_IMAGE_VERSION=4.14.0 +WAZUH_VERSION=4.14.1 +WAZUH_IMAGE_VERSION=4.14.1 WAZUH_TAG_REVISION=1 -FILEBEAT_TEMPLATE_BRANCH=4.14.0 +FILEBEAT_TEMPLATE_BRANCH=4.14.1 WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz WAZUH_UI_REVISION=1 diff --git a/.github/.goss.yaml b/.github/.goss.yaml index e80425a5..54e32593 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.14.0 + - 4.14.1 port: tcp:1514: listening: true diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index 8e4036de..06e805c9 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -6,7 +6,7 @@ on: inputs: image_tag: description: 'Docker image tag' - default: '4.14.0' + default: '4.14.1' required: true docker_reference: description: 'wazuh-docker reference' @@ -41,7 +41,7 @@ on: inputs: image_tag: description: 'Docker image tag' - default: '4.14.0' + default: '4.14.1' required: true type: string docker_reference: diff --git a/CHANGELOG.md b/CHANGELOG.md index 54c67707..dbe077bb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,24 @@ # Change Log All notable changes to this project will be documented in this file. +## [4.14.1] + +### Added + +- None + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + ## [4.14.0] ### Added diff --git a/README.md b/README.md index 8440a4b3..ae124a1e 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ The `wazuh/wazuh-docker` repository provides resources to deploy the Wazuh cyber ## Branch Convention - `main`: Developing and testing of new features. -- `X.Y.Z`: Version-specific branches (e.g., `4.14.0`, `4.13.0`, etc.). +- `X.Y.Z`: Version-specific branches (e.g., `4.14.1`, `4.13.0`, etc.). ## Documentation diff --git a/VERSION.json b/VERSION.json index af2b5c0b..f39ee7ab 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1,4 +1,4 @@ { - "version": "4.14.0", + "version": "4.14.1", "stage": "alpha0" } diff --git a/build-docker-images/README.md b/build-docker-images/README.md index 7b7e3029..ebc2a0f3 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.14.0 +$ build-docker-images/build-images.sh -v 4.14.1 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.14.0. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.14.1. -h, --help Show this help. ``` \ No newline at end of file diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 467cd463..5c4a68e1 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -1,4 +1,4 @@ -WAZUH_IMAGE_VERSION=4.14.0 +WAZUH_IMAGE_VERSION=4.14.1 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g') WAZUH_TAG_REVISION=1 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') @@ -12,7 +12,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} # License (version 2) as published by the FSF - Free Software # Foundation. -WAZUH_IMAGE_VERSION="4.14.0" +WAZUH_IMAGE_VERSION="4.14.1" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" FILEBEAT_MODULE_VERSION="0.4" diff --git a/docs/dev/build-image.md b/docs/dev/build-image.md index 7b7e3029..ebc2a0f3 100644 --- a/docs/dev/build-image.md +++ b/docs/dev/build-image.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.14.0 +$ build-docker-images/build-images.sh -v 4.14.1 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.14.0. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.14.1. -h, --help Show this help. ``` \ No newline at end of file diff --git a/docs/dev/introduction.md b/docs/dev/introduction.md index a03aefaf..795540e9 100644 --- a/docs/dev/introduction.md +++ b/docs/dev/introduction.md @@ -1,6 +1,6 @@ # Development Guide - Introduction -Welcome to the Development Guide for Wazuh-docker version 4.14.0. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. +Welcome to the Development Guide for Wazuh-docker version 4.14.1. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. ## Purpose of This Guide diff --git a/docs/dev/setup.md b/docs/dev/setup.md index 2f611777..51613d99 100644 --- a/docs/dev/setup.md +++ b/docs/dev/setup.md @@ -1,6 +1,6 @@ # Development Guide - Setup Environment -This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.14.0). A proper setup is crucial for building images, running tests, and contributing effectively. +This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.14.1). A proper setup is crucial for building images, running tests, and contributing effectively. ## Prerequisites @@ -26,12 +26,12 @@ Before you begin, ensure your system meets the following requirements: Follow these steps to prepare your development environment: 1. **Clone the Repository**: - Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.14.0`. + Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.14.1`. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.14.0 + git checkout v4.14.1 ``` 2. **Verify Docker Installation**: diff --git a/docs/ref/Introduction/description.md b/docs/ref/Introduction/description.md index 058317e7..19f51559 100644 --- a/docs/ref/Introduction/description.md +++ b/docs/ref/Introduction/description.md @@ -1,6 +1,6 @@ # Reference Manual - Description -This section provides a detailed description of Wazuh-docker (version 4.14.0), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. +This section provides a detailed description of Wazuh-docker (version 4.14.1), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. ## What is Wazuh? @@ -18,7 +18,7 @@ Wazuh-docker is a project that provides Docker images and `docker compose` confi ## Core Components in Wazuh-Docker -The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.14.0: +The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.14.1: 1. **Wazuh Manager**: - The central component that collects and analyzes data from deployed Wazuh agents. @@ -28,7 +28,7 @@ The Wazuh-Docker project typically provides images for the following core Wazuh 2. **Wazuh Indexer**: - A highly scalable, full-text search and analytics engine. - Based on OpenSearch (or historically Elasticsearch), it stores and indexes alerts and monitoring data generated by the Wazuh manager. - - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.14.0, this is typically an OpenSearch-based component. + - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.14.1, this is typically an OpenSearch-based component. 3. **Wazuh Dashboard**: - A flexible visualization tool based on OpenSearch Dashboards (or historically Kibana). diff --git a/docs/ref/Introduction/introduction.md b/docs/ref/Introduction/introduction.md index 957fd9bb..f1a30bed 100644 --- a/docs/ref/Introduction/introduction.md +++ b/docs/ref/Introduction/introduction.md @@ -1,6 +1,6 @@ # Reference Manual - Introduction -Welcome to the Reference Manual for Wazuh-Docker, version 4.14.0. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. +Welcome to the Reference Manual for Wazuh-Docker, version 4.14.1. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. ## Purpose of This Manual @@ -44,4 +44,4 @@ This manual is structured to help you find information efficiently: - If you need to customize your deployment, refer to the [Configuration](configuration/configuration.md) section. - For specific terms or concepts, consult the [Glossary](glossary.md). -This manual refers to version 4.14.0 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. +This manual refers to version 4.14.1 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. diff --git a/docs/ref/configuration/configuration-files.md b/docs/ref/configuration/configuration-files.md index 5c9c129e..8eda5242 100644 --- a/docs/ref/configuration/configuration-files.md +++ b/docs/ref/configuration/configuration-files.md @@ -29,4 +29,4 @@ ``` -Consult the official Wazuh documentation for version 4.14.0 for detailed information on all possible configuration parameters for each component. +Consult the official Wazuh documentation for version 4.14.1 for detailed information on all possible configuration parameters for each component. diff --git a/docs/ref/configuration/configuration.md b/docs/ref/configuration/configuration.md index 07b5d11c..adff9188 100644 --- a/docs/ref/configuration/configuration.md +++ b/docs/ref/configuration/configuration.md @@ -1,6 +1,6 @@ # Reference Manual - Configuration -This section details how to configure your Wazuh-Docker deployment (version 4.14.0). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. +This section details how to configure your Wazuh-Docker deployment (version 4.14.1). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. ## Overview of Configuration Methods diff --git a/docs/ref/getting-started/deployment/deployment.md b/docs/ref/getting-started/deployment/deployment.md index b6d685ff..dae23432 100644 --- a/docs/ref/getting-started/deployment/deployment.md +++ b/docs/ref/getting-started/deployment/deployment.md @@ -1,6 +1,6 @@ # Reference Manual - Deployment -This section provides detailed instructions for deploying Wazuh-Docker (version 4.14.0) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. +This section provides detailed instructions for deploying Wazuh-Docker (version 4.14.1) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. ## Overview of Deployment Options @@ -24,11 +24,11 @@ Ensure you have: - Met all the [System Requirements](ref/getting-started/requirements.md). - Installed Docker and Docker Compose on your host(s). -- Cloned the `wazuh-docker` repository (version `4.14.0`) or downloaded the necessary deployment files. +- Cloned the `wazuh-docker` repository (version `4.14.1`) or downloaded the necessary deployment files. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.14.0 + git checkout v4.14.1 ``` - Made a backup of any existing Wazuh data if you are migrating or upgrading. diff --git a/docs/ref/getting-started/getting-started.md b/docs/ref/getting-started/getting-started.md index 7e76bf9a..86a8951c 100644 --- a/docs/ref/getting-started/getting-started.md +++ b/docs/ref/getting-started/getting-started.md @@ -1,6 +1,6 @@ # Reference Manual - Getting Started -This section guides you through the initial steps to get your Wazuh-docker (version 4.14.0) environment up and running. We will cover the prerequisites and point you to the deployment instructions. +This section guides you through the initial steps to get your Wazuh-docker (version 4.14.1) environment up and running. We will cover the prerequisites and point you to the deployment instructions. ## Overview @@ -27,11 +27,11 @@ Before diving into the deployment, please ensure you have reviewed: Verify that your host system has sufficient RAM, CPU, and disk space. Ensure Docker and Docker Compose are installed and functioning correctly. 2. **Obtain Wazuh-docker Configuration**: - You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.14.0. + You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.14.1. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.14.0 + git checkout v4.14.1 # Navigate to the specific docker-compose directory, e.g., single-node or multi-node # cd docker-compose/single-node/ (example path) ``` diff --git a/docs/ref/getting-started/requirements.md b/docs/ref/getting-started/requirements.md index b006acdc..0332db37 100644 --- a/docs/ref/getting-started/requirements.md +++ b/docs/ref/getting-started/requirements.md @@ -1,6 +1,6 @@ # Reference Manual - Requirements -Before deploying Wazuh-Docker (version 4.14.0), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. +Before deploying Wazuh-Docker (version 4.14.1), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. ## Host System Requirements diff --git a/docs/ref/glossary.md b/docs/ref/glossary.md index fb8d3ed6..78f58ea4 100644 --- a/docs/ref/glossary.md +++ b/docs/ref/glossary.md @@ -1,6 +1,6 @@ # Reference Manual - Glossary -This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.14.0). +This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.14.1). --- @@ -22,7 +22,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **D** -- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.14.0, this is typically OpenSearch Dashboards. +- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.14.1, this is typically OpenSearch Dashboards. - **Decoder**: A component in the Wazuh Manager that parses and extracts relevant information (fields) from raw log messages or event data. - **Docker**: An open platform for developing, shipping, and running applications inside containers. - **Docker Compose**: A tool for defining and running multi-container Docker applications. It uses a YAML file (`docker-compose.yml`) to configure the application's services, networks, and volumes. @@ -42,7 +42,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **I** -- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.14.0, this is typically OpenSearch. +- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.14.1, this is typically OpenSearch. **L** diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index e3830c25..5ace3286 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.master: - image: wazuh/wazuh-manager:4.14.0 + image: wazuh/wazuh-manager:4.14.1 hostname: wazuh.master restart: always ulimits: @@ -43,7 +43,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.14.0 + image: wazuh/wazuh-manager:4.14.1 hostname: wazuh.worker restart: always ulimits: @@ -79,7 +79,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.14.0 + image: wazuh/wazuh-indexer:4.14.1 hostname: wazuh1.indexer restart: always ports: @@ -105,7 +105,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.14.0 + image: wazuh/wazuh-indexer:4.14.1 hostname: wazuh2.indexer restart: always environment: @@ -127,7 +127,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.14.0 + image: wazuh/wazuh-indexer:4.14.1 hostname: wazuh3.indexer restart: always environment: @@ -149,7 +149,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.14.0 + image: wazuh/wazuh-dashboard:4.14.1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index d5a73e7c..f431a62d 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.manager: - image: wazuh/wazuh-manager:4.14.0 + image: wazuh/wazuh-manager:4.14.1 hostname: wazuh.manager restart: always ulimits: @@ -44,7 +44,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.14.0 + image: wazuh/wazuh-indexer:4.14.1 hostname: wazuh.indexer restart: always ports: @@ -69,7 +69,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.14.0 + image: wazuh/wazuh-dashboard:4.14.1 hostname: wazuh.dashboard restart: always ports: diff --git a/wazuh-agent/docker-compose.yml b/wazuh-agent/docker-compose.yml index 5bb58007..ba64d37e 100644 --- a/wazuh-agent/docker-compose.yml +++ b/wazuh-agent/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.agent: - image: wazuh/wazuh-agent:4.14.0 + image: wazuh/wazuh-agent:4.14.1 restart: always environment: - WAZUH_MANAGER_SERVER= From 0989e11d432aca673eab65dd91553735b7c4a01e Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 14 Aug 2025 09:00:41 -0300 Subject: [PATCH 08/29] Resolving conflicts --- build-docker-images/build-images.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index e511ef22..d4f3f4ce 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -13,7 +13,10 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} # Foundation. WAZUH_IMAGE_VERSION="5.0.0" +WAZUH_TAG_REVISION="1" +WAZUH_DEV_STAGE="" FILEBEAT_MODULE_VERSION="0.4" + # ----------------------------------------------------------------------------- trap ctrl_c INT From ccab3b6d7e4031ce1422e8ee1adab7f03de8a428 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 26 Sep 2025 12:14:09 -0300 Subject: [PATCH 09/29] Modify Wazuh cert tool generation --- indexer-certs-creator/Dockerfile | 4 +-- indexer-certs-creator/config/entrypoint.sh | 40 +++++++++++++--------- multi-node/generate-indexer-certs.yml | 4 ++- single-node/generate-indexer-certs.yml | 4 ++- 4 files changed, 31 insertions(+), 21 deletions(-) diff --git a/indexer-certs-creator/Dockerfile b/indexer-certs-creator/Dockerfile index 58b2583f..b9772abf 100644 --- a/indexer-certs-creator/Dockerfile +++ b/indexer-certs-creator/Dockerfile @@ -1,7 +1,7 @@ # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2) -FROM ubuntu:focal +FROM amazonlinux:2023 -RUN apt-get update && apt-get install openssl curl -y +RUN yum update -y && yum install openssl curl-minimal -y WORKDIR / diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index fa098c50..648c9f02 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -8,29 +8,35 @@ ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.14/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.14/ +PACKAGES_URL=https://packages.wazuh.com/$CERT_TOOL_VERSION/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/$CERT_TOOL_VERSION/ -## Check if the cert tool exists in S3 buckets -CERT_TOOL_PACKAGES=$(curl --silent --head --location --output /dev/null --write-out "%{http_code}" "$PACKAGES_URL$CERT_TOOL") -CERT_TOOL_PACKAGES_DEV=$(curl --silent --head --location --output /dev/null --write-out "%{http_code}" "$PACKAGES_DEV_URL$CERT_TOOL") +OUTPUT_FILE="/$CERT_TOOL" -## If cert tool exists in some bucket, download it, if not exit 1 -if [ "$CERT_TOOL_PACKAGES" = "200" ]; then - curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s - echo "The tool to create the certificates exists in the in Packages bucket" -elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then - curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s - echo "The tool to create the certificates exists in Packages-dev bucket" +download_package() { + local url=$1 + echo "Checking $url$CERT_TOOL ..." + if curl -fsSL "$url$CERT_TOOL" -o "$OUTPUT_FILE"; then + echo "Downloaded $CERT_TOOL from $url" + return 0 + else + return 1 + fi +} + +# Try first the prod URL, if it fails try the dev URL +if download_package "$PACKAGES_URL"; then + : +elif download_package "$PACKAGES_DEV_URL"; then + : else - echo "The tool to create the certificates does not exist in any bucket" - echo "ERROR: certificates were not created" - exit 1 + echo "The tool to create the certificates does not exist in any bucket" + echo "ERROR: certificates were not created" + exit 1 fi cp /config/certs.yml /config.yml - -chmod 700 /$CERT_TOOL +chmod 700 "$OUTPUT_FILE" ############################################################################## # Creating Cluster certificates diff --git a/multi-node/generate-indexer-certs.yml b/multi-node/generate-indexer-certs.yml index 3142ab1a..88927593 100644 --- a/multi-node/generate-indexer-certs.yml +++ b/multi-node/generate-indexer-certs.yml @@ -1,8 +1,10 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: generator: - image: wazuh/wazuh-certs-generator:0.0.2 + image: wazuh/wazuh-certs-generator:0.0.3 hostname: wazuh-certs-generator + environment: + - CERT_TOOL_VERSION=4.14 volumes: - ./config/wazuh_indexer_ssl_certs/:/certificates/ - ./config/certs.yml:/config/certs.yml \ No newline at end of file diff --git a/single-node/generate-indexer-certs.yml b/single-node/generate-indexer-certs.yml index b7b7efb6..a941280f 100644 --- a/single-node/generate-indexer-certs.yml +++ b/single-node/generate-indexer-certs.yml @@ -1,8 +1,10 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: generator: - image: wazuh/wazuh-certs-generator:0.0.2 + image: wazuh/wazuh-certs-generator:0.0.3 hostname: wazuh-certs-generator + environment: + - CERT_TOOL_VERSION=4.14 volumes: - ./config/wazuh_indexer_ssl_certs/:/certificates/ - ./config/certs.yml:/config/certs.yml From 2d56895f47a8068c35f83c63b3034dfe490578a0 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 26 Sep 2025 15:33:42 -0300 Subject: [PATCH 10/29] Improve error messages --- indexer-certs-creator/config/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 648c9f02..a222a5b9 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -16,7 +16,7 @@ OUTPUT_FILE="/$CERT_TOOL" download_package() { local url=$1 echo "Checking $url$CERT_TOOL ..." - if curl -fsSL "$url$CERT_TOOL" -o "$OUTPUT_FILE"; then + if curl -fsL "$url$CERT_TOOL" -o "$OUTPUT_FILE"; then echo "Downloaded $CERT_TOOL from $url" return 0 else From 901f29b68fb20946a39158692827406f8a78569d Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 26 Sep 2025 15:37:33 -0300 Subject: [PATCH 11/29] Add changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ba102351..1d223253 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed -- None +- Wazuh cert tool generator improvements ([#2027](https://github.com/wazuh/wazuh-docker/pull/2027)) ### Fixed From c9107730760a8e52338fb22cd6d5718f5b485bcc Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 26 Sep 2025 15:52:09 -0300 Subject: [PATCH 12/29] Modify readme --- indexer-certs-creator/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/indexer-certs-creator/README.md b/indexer-certs-creator/README.md index 10965097..8ddccdf5 100644 --- a/indexer-certs-creator/README.md +++ b/indexer-certs-creator/README.md @@ -5,5 +5,5 @@ The dockerfile hosted in this directory is used to build the image used to boot To create the image, the following command must be executed: ``` -$ docker build -t wazuh/wazuh-certs-generator:0.0.2 . +$ docker build -t wazuh/wazuh-certs-generator:0.0.3 . ``` From cb6fa28bbc00516b41894f42549d4609c7e94ab4 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 1 Oct 2025 13:30:25 -0300 Subject: [PATCH 13/29] Wazuh server clean-up --- build-docker-images/build-images.yml | 4 - build-docker-images/wazuh-manager/Dockerfile | 3 - .../config/etc/cont-init.d/2-manager | 6 -- .../wazuh-manager/config/permanent_data.env | 24 ------ docs/ref/configuration/configuration-files.md | 2 +- multi-node/Migration-to-Wazuh-4.4.md | 52 ------------ .../config/wazuh_cluster/wazuh_manager.conf | 83 +++++++------------ .../config/wazuh_cluster/wazuh_worker.conf | 83 +++++++------------ multi-node/docker-compose.yml | 8 -- multi-node/volume-migrator.sh | 44 ---------- .../config/wazuh_cluster/wazuh_manager.conf | 83 +++++++------------ single-node/docker-compose.yml | 4 - 12 files changed, 91 insertions(+), 305 deletions(-) diff --git a/build-docker-images/build-images.yml b/build-docker-images/build-images.yml index ed784cec..35d8d7a2 100644 --- a/build-docker-images/build-images.yml +++ b/build-docker-images/build-images.yml @@ -27,9 +27,7 @@ services: - wazuh_logs:/var/ossec/logs - wazuh_queue:/var/ossec/queue - wazuh_var_multigroups:/var/ossec/var/multigroups - - wazuh_integrations:/var/ossec/integrations - wazuh_active_response:/var/ossec/active-response/bin - - wazuh_agentless:/var/ossec/agentless - wazuh_wodles:/var/ossec/wodles - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat @@ -94,9 +92,7 @@ volumes: wazuh_logs: wazuh_queue: wazuh_var_multigroups: - wazuh_integrations: wazuh_active_response: - wazuh_agentless: wazuh_wodles: filebeat_etc: filebeat_var: diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 7bbfdfc7..d2c11083 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -50,9 +50,6 @@ RUN chmod go-w /etc/filebeat/wazuh-template.json RUN mkdir -p /var/ossec/var/multigroups && \ chown root:wazuh /var/ossec/var/multigroups && \ chmod 770 /var/ossec/var/multigroups && \ - mkdir -p /var/ossec/agentless && \ - chown root:wazuh /var/ossec/agentless && \ - chmod 770 /var/ossec/agentless && \ mkdir -p /var/ossec/active-response/bin && \ chown root:wazuh /var/ossec/active-response/bin && \ chmod 770 /var/ossec/active-response/bin && \ diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager index ff3e1fdd..ebd08eb1 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager @@ -60,12 +60,6 @@ function_wazuh_migration(){ chown wazuh:wazuh /var/ossec/etc/rules/* chmod 660 /var/ossec/etc/rules/* - if [ -e /wazuh-migration/data/agentless/.passlist ]; then - \cp -f /wazuh-migration/data/agentless/.passlist /var/ossec/agentless/.passlist - chown root:wazuh /var/ossec/agentless/.passlist - chmod 640 /var/ossec/agentless/.passlist - fi - \cp -f /wazuh-migration/global.db /var/ossec/queue/db/global.db chown wazuh:wazuh /var/ossec/queue/db/global.db chmod 640 /var/ossec/queue/db/global.db diff --git a/build-docker-images/wazuh-manager/config/permanent_data.env b/build-docker-images/wazuh-manager/config/permanent_data.env index 132dc492..26a61289 100644 --- a/build-docker-images/wazuh-manager/config/permanent_data.env +++ b/build-docker-images/wazuh-manager/config/permanent_data.env @@ -4,9 +4,7 @@ PERMANENT_DATA[((i++))]="/var/ossec/api/configuration" PERMANENT_DATA[((i++))]="/var/ossec/etc" PERMANENT_DATA[((i++))]="/var/ossec/logs" PERMANENT_DATA[((i++))]="/var/ossec/queue" -PERMANENT_DATA[((i++))]="/var/ossec/agentless" PERMANENT_DATA[((i++))]="/var/ossec/var/multigroups" -PERMANENT_DATA[((i++))]="/var/ossec/integrations" PERMANENT_DATA[((i++))]="/var/ossec/active-response/bin" PERMANENT_DATA[((i++))]="/var/ossec/wodles" PERMANENT_DATA[((i++))]="/etc/filebeat" @@ -16,16 +14,6 @@ export PERMANENT_DATA # Files mounted in a volume that should not be permanent i=0 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/internal_options.conf" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack.py" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal.py" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle.py" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/pagerduty" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/pagerduty.py" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/maltiverse" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/maltiverse.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/default-firewall-drop" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/disable-account" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/firewalld-drop" @@ -41,18 +29,6 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/pf" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/restart-wazuh" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/restart.sh" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/route-null" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/sshlogin.exp" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_pixconfig_diff" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_asa-fwsmconfig_diff" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_integrity_check_bsd" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/main.exp" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/su.exp" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_integrity_check_linux" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/register_host.sh" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_generic_diff" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_foundry_diff" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_nopass.exp" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh.exp" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/utils.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws-s3" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws-s3.py" diff --git a/docs/ref/configuration/configuration-files.md b/docs/ref/configuration/configuration-files.md index 4965b89e..429a85f5 100644 --- a/docs/ref/configuration/configuration-files.md +++ b/docs/ref/configuration/configuration-files.md @@ -2,7 +2,7 @@ ### 1. Wazuh Manager Configuration -* **`ossec.conf`**: The main configuration file for the Wazuh manager. It controls rules, decoders, agent enrollment, active responses, integrations, clustering, and more. +* **`ossec.conf`**: The main configuration file for the Wazuh manager. It controls rules, decoders, agent enrollment, active responses, clustering, and more. * **Customization**: Mount a custom `ossec.conf` or specific configuration snippets (e.g., local rules in `local_rules.xml`) into the manager container at `/wazuh-mount-point/`, which will be copied to the path `/var/ossec` (e.g., the file `/var/ossec/etc/ossec.conf` must be mounted at `/wazuh-mount-point/etc/ossec.conf`) . ### 2. Wazuh Indexer Configuration diff --git a/multi-node/Migration-to-Wazuh-4.4.md b/multi-node/Migration-to-Wazuh-4.4.md index 3ff10a84..0d192f2c 100644 --- a/multi-node/Migration-to-Wazuh-4.4.md +++ b/multi-node/Migration-to-Wazuh-4.4.md @@ -80,13 +80,6 @@ docker volume create \ multi-node_master-wazuh-var-multigroups ``` ``` -docker volume create \ - --label com.docker.compose.project=multi-node \ - --label com.docker.compose.version=1.25.0 \ - --label com.docker.compose.volume=master-wazuh-integrations \ - multi-node_master-wazuh-integrations -``` -``` docker volume create \ --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ @@ -94,13 +87,6 @@ docker volume create \ multi-node_master-wazuh-active-response ``` ``` -docker volume create \ - --label com.docker.compose.project=multi-node \ - --label com.docker.compose.version=1.25.0 \ - --label com.docker.compose.volume=master-wazuh-agentless \ - multi-node_master-wazuh-agentless -``` -``` docker volume create \ --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ @@ -157,13 +143,6 @@ docker volume create \ multi-node_worker-wazuh-var-multigroups ``` ``` -docker volume create \ - --label com.docker.compose.project=multi-node \ - --label com.docker.compose.version=1.25.0 \ - --label com.docker.compose.volume=worker-wazuh-integrations \ - multi-node_worker-wazuh-integrations -``` -``` docker volume create \ --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ @@ -171,13 +150,6 @@ docker volume create \ multi-node_worker-wazuh-active-response ``` ``` -docker volume create \ - --label com.docker.compose.project=multi-node \ - --label com.docker.compose.version=1.25.0 \ - --label com.docker.compose.volume=worker-wazuh-agentless \ - multi-node_worker-wazuh-agentless -``` -``` docker volume create \ --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ @@ -248,24 +220,12 @@ docker container run --rm -it \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` -docker container run --rm -it \ - -v wazuh-docker_ossec-integrations:/from \ - -v multi-node_master-wazuh-integrations:/to \ - alpine ash -c "cd /from ; cp -avp . /to" -``` -``` docker container run --rm -it \ -v wazuh-docker_ossec-active-response:/from \ -v multi-node_master-wazuh-active-response:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` -docker container run --rm -it \ - -v wazuh-docker_ossec-agentless:/from \ - -v multi-node_master-wazuh-agentless:/to \ - alpine ash -c "cd /from ; cp -avp . /to" -``` -``` docker container run --rm -it \ -v wazuh-docker_ossec-wodles:/from \ -v multi-node_master-wazuh-wodles:/to \ @@ -314,24 +274,12 @@ docker container run --rm -it \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` -docker container run --rm -it \ - -v wazuh-docker_worker-ossec-integrations:/from \ - -v multi-node_worker-wazuh-integrations:/to \ - alpine ash -c "cd /from ; cp -avp . /to" -``` -``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-active-response:/from \ -v multi-node_worker-wazuh-active-response:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` -docker container run --rm -it \ - -v wazuh-docker_worker-ossec-agentless:/from \ - -v multi-node_worker-wazuh-agentless:/to \ - alpine ash -c "cd /from ; cp -avp . /to" -``` -``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-wodles:/from \ -v multi-node_worker-wazuh-wodles:/to \ diff --git a/multi-node/config/wazuh_cluster/wazuh_manager.conf b/multi-node/config/wazuh_cluster/wazuh_manager.conf index b1f32c8b..600b3e88 100644 --- a/multi-node/config/wazuh_cluster/wazuh_manager.conf +++ b/multi-node/config/wazuh_cluster/wazuh_manager.conf @@ -1,24 +1,10 @@ - yes - yes - no - no - no - smtp.example.wazuh.com - wazuh@example.wazuh.com - recipient@example.wazuh.com - 12 - alerts.log - 10m + 15m 0 + yes - - 3 - 12 - - plain @@ -34,8 +20,6 @@ no - yes - yes yes yes yes @@ -45,31 +29,12 @@ 43200 - etc/rootcheck/rootkit_files.txt - etc/rootcheck/rootkit_trojans.txt - yes + + /var/lib/containerd + /var/lib/docker/overlay2 - - yes - 1800 - 1d - yes - - wodles/java - wodles/ciscat - - - - - yes - yes - /var/log/osquery/osqueryd.results.log - /etc/osquery/osquery.conf - yes - - no @@ -81,9 +46,15 @@ yes yes yes + yes + yes + yes + yes + yes + 5m 10 @@ -92,7 +63,13 @@ yes yes 12h - yes + + + + yes + 5m + 10 + @@ -124,8 +101,6 @@ 43200 - yes - yes @@ -165,13 +140,12 @@ 10 - 100 + 50 yes 5m - 1h 10 @@ -266,13 +240,6 @@ etc/rules - - yes - 1 - 64 - 15m - - no @@ -305,9 +272,19 @@ + + journald + journald + + + + audit + /var/log/audit/audit.log + + syslog /var/ossec/logs/active-responses.log - + \ No newline at end of file diff --git a/multi-node/config/wazuh_cluster/wazuh_worker.conf b/multi-node/config/wazuh_cluster/wazuh_worker.conf index 7b89dc63..b85335cd 100644 --- a/multi-node/config/wazuh_cluster/wazuh_worker.conf +++ b/multi-node/config/wazuh_cluster/wazuh_worker.conf @@ -1,24 +1,10 @@ - yes - yes - no - no - no - smtp.example.wazuh.com - wazuh@example.wazuh.com - recipient@example.wazuh.com - 12 - alerts.log - 10m + 15m 0 + yes - - 3 - 12 - - plain @@ -34,8 +20,6 @@ no - yes - yes yes yes yes @@ -45,31 +29,12 @@ 43200 - etc/rootcheck/rootkit_files.txt - etc/rootcheck/rootkit_trojans.txt - yes + + /var/lib/containerd + /var/lib/docker/overlay2 - - yes - 1800 - 1d - yes - - wodles/java - wodles/ciscat - - - - - yes - yes - /var/log/osquery/osqueryd.results.log - /etc/osquery/osquery.conf - yes - - no @@ -81,9 +46,15 @@ yes yes yes + yes + yes + yes + yes + yes + 5m 10 @@ -92,7 +63,13 @@ yes yes 12h - yes + + + + yes + 5m + 10 + @@ -124,8 +101,6 @@ 43200 - yes - yes @@ -165,13 +140,12 @@ 10 - 100 + 50 yes 5m - 1h 10 @@ -266,13 +240,6 @@ etc/rules - - yes - 1 - 64 - 15m - - no @@ -305,9 +272,19 @@ + + journald + journald + + + + audit + /var/log/audit/audit.log + + syslog /var/ossec/logs/active-responses.log - + \ No newline at end of file diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index d67c4eb9..ddf9c9ed 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -31,9 +31,7 @@ services: - master-wazuh-logs:/var/ossec/logs - master-wazuh-queue:/var/ossec/queue - master-wazuh-var-multigroups:/var/ossec/var/multigroups - - master-wazuh-integrations:/var/ossec/integrations - master-wazuh-active-response:/var/ossec/active-response/bin - - master-wazuh-agentless:/var/ossec/agentless - master-wazuh-wodles:/var/ossec/wodles - master-filebeat-etc:/etc/filebeat - master-filebeat-var:/var/lib/filebeat @@ -67,9 +65,7 @@ services: - worker-wazuh-logs:/var/ossec/logs - worker-wazuh-queue:/var/ossec/queue - worker-wazuh-var-multigroups:/var/ossec/var/multigroups - - worker-wazuh-integrations:/var/ossec/integrations - worker-wazuh-active-response:/var/ossec/active-response/bin - - worker-wazuh-agentless:/var/ossec/agentless - worker-wazuh-wodles:/var/ossec/wodles - worker-filebeat-etc:/etc/filebeat - worker-filebeat-var:/var/lib/filebeat @@ -198,9 +194,7 @@ volumes: master-wazuh-logs: master-wazuh-queue: master-wazuh-var-multigroups: - master-wazuh-integrations: master-wazuh-active-response: - master-wazuh-agentless: master-wazuh-wodles: master-filebeat-etc: master-filebeat-var: @@ -209,9 +203,7 @@ volumes: worker-wazuh-logs: worker-wazuh-queue: worker-wazuh-var-multigroups: - worker-wazuh-integrations: worker-wazuh-active-response: - worker-wazuh-agentless: worker-wazuh-wodles: worker-filebeat-etc: worker-filebeat-var: diff --git a/multi-node/volume-migrator.sh b/multi-node/volume-migrator.sh index f11a1da6..21c3d255 100755 --- a/multi-node/volume-migrator.sh +++ b/multi-node/volume-migrator.sh @@ -46,24 +46,12 @@ docker volume create \ --label com.docker.compose.volume=master-wazuh-var-multigroups \ $2_master-wazuh-var-multigroups -docker volume create \ - --label com.docker.compose.project=$2 \ - --label com.docker.compose.version=$1 \ - --label com.docker.compose.volume=master-wazuh-integrations \ - $2_master-wazuh-integrations - docker volume create \ --label com.docker.compose.project=$2 \ --label com.docker.compose.version=$1 \ --label com.docker.compose.volume=master-wazuh-active-response \ $2_master-wazuh-active-response -docker volume create \ - --label com.docker.compose.project=$2 \ - --label com.docker.compose.version=$1 \ - --label com.docker.compose.volume=master-wazuh-agentless \ - $2_master-wazuh-agentless - docker volume create \ --label com.docker.compose.project=$2 \ --label com.docker.compose.version=$1 \ @@ -112,24 +100,12 @@ docker volume create \ --label com.docker.compose.volume=worker-wazuh-var-multigroups \ $2_worker-wazuh-var-multigroups -docker volume create \ - --label com.docker.compose.project=$2 \ - --label com.docker.compose.version=$1 \ - --label com.docker.compose.volume=worker-wazuh-integrations \ - $2_worker-wazuh-integrations - docker volume create \ --label com.docker.compose.project=$2 \ --label com.docker.compose.version=$1 \ --label com.docker.compose.volume=worker-wazuh-active-response \ $2_worker-wazuh-active-response -docker volume create \ - --label com.docker.compose.project=$2 \ - --label com.docker.compose.version=$1 \ - --label com.docker.compose.volume=worker-wazuh-agentless \ - $2_worker-wazuh-agentless - docker volume create \ --label com.docker.compose.project=$2 \ --label com.docker.compose.version=$1 \ @@ -193,21 +169,11 @@ docker container run --rm -it \ -v $2_master-wazuh-var-multigroups:/to \ alpine ash -c "cd /from ; cp -avp . /to" -docker container run --rm -it \ - -v wazuh-docker_ossec-integrations:/from \ - -v $2_master-wazuh-integrations:/to \ - alpine ash -c "cd /from ; cp -avp . /to" - docker container run --rm -it \ -v wazuh-docker_ossec-active-response:/from \ -v $2_master-wazuh-active-response:/to \ alpine ash -c "cd /from ; cp -avp . /to" -docker container run --rm -it \ - -v wazuh-docker_ossec-agentless:/from \ - -v $2_master-wazuh-agentless:/to \ - alpine ash -c "cd /from ; cp -avp . /to" - docker container run --rm -it \ -v wazuh-docker_ossec-wodles:/from \ -v $2_master-wazuh-wodles:/to \ @@ -248,21 +214,11 @@ docker container run --rm -it \ -v $2_worker-wazuh-var-multigroups:/to \ alpine ash -c "cd /from ; cp -avp . /to" -docker container run --rm -it \ - -v wazuh-docker_worker-ossec-integrations:/from \ - -v $2_worker-wazuh-integrations:/to \ - alpine ash -c "cd /from ; cp -avp . /to" - docker container run --rm -it \ -v wazuh-docker_worker-ossec-active-response:/from \ -v $2_worker-wazuh-active-response:/to \ alpine ash -c "cd /from ; cp -avp . /to" -docker container run --rm -it \ - -v wazuh-docker_worker-ossec-agentless:/from \ - -v $2_worker-wazuh-agentless:/to \ - alpine ash -c "cd /from ; cp -avp . /to" - docker container run --rm -it \ -v wazuh-docker_worker-ossec-wodles:/from \ -v $2_worker-wazuh-wodles:/to \ diff --git a/single-node/config/wazuh_cluster/wazuh_manager.conf b/single-node/config/wazuh_cluster/wazuh_manager.conf index c5f16dd9..4f00c24d 100644 --- a/single-node/config/wazuh_cluster/wazuh_manager.conf +++ b/single-node/config/wazuh_cluster/wazuh_manager.conf @@ -1,24 +1,10 @@ - yes - yes - no - no - no - smtp.example.wazuh.com - wazuh@example.wazuh.com - recipient@example.wazuh.com - 12 - alerts.log - 10m + 15m 0 + yes - - 3 - 12 - - plain @@ -34,8 +20,6 @@ no - yes - yes yes yes yes @@ -45,31 +29,12 @@ 43200 - etc/rootcheck/rootkit_files.txt - etc/rootcheck/rootkit_trojans.txt - yes + + /var/lib/containerd + /var/lib/docker/overlay2 - - yes - 1800 - 1d - yes - - wodles/java - wodles/ciscat - - - - - yes - yes - /var/log/osquery/osqueryd.results.log - /etc/osquery/osquery.conf - yes - - no @@ -81,9 +46,15 @@ yes yes yes + yes + yes + yes + yes + yes + 5m 10 @@ -92,7 +63,13 @@ yes yes 12h - yes + + + + yes + 5m + 10 + @@ -122,8 +99,6 @@ 43200 - yes - yes @@ -163,13 +138,12 @@ 10 - 100 + 50 yes 5m - 1h 10 @@ -264,13 +238,6 @@ etc/rules - - yes - 1 - 64 - 15m - - no @@ -303,9 +270,19 @@ + + journald + journald + + + + audit + /var/log/audit/audit.log + + syslog /var/ossec/logs/active-responses.log - + \ No newline at end of file diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 8ad1c4a2..365ab29b 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -32,9 +32,7 @@ services: - wazuh_logs:/var/ossec/logs - wazuh_queue:/var/ossec/queue - wazuh_var_multigroups:/var/ossec/var/multigroups - - wazuh_integrations:/var/ossec/integrations - wazuh_active_response:/var/ossec/active-response/bin - - wazuh_agentless:/var/ossec/agentless - wazuh_wodles:/var/ossec/wodles - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat @@ -102,9 +100,7 @@ volumes: wazuh_logs: wazuh_queue: wazuh_var_multigroups: - wazuh_integrations: wazuh_active_response: - wazuh_agentless: wazuh_wodles: filebeat_etc: filebeat_var: From 93812b3d07268dcb9b8f11288a8c8a215d51a092 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 1 Oct 2025 14:26:22 -0300 Subject: [PATCH 14/29] Add changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 52a4437f..76e24d67 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed +- Wazuh server clean-up ([#2030](https://github.com/wazuh/wazuh-puppet/issues/2030)) - Fix OpenSearch deprecated settings ([#1366](https://github.com/wazuh/wazuh-puppet/issues/1366)) ### Fixed From 184675bab5745846a36d193e14d0528e686957f3 Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Tue, 28 Oct 2025 01:09:49 +0700 Subject: [PATCH 15/29] Modify Wazuh image builder --- .../Procedure_push_docker_images.yml | 139 +++++++++++------- CHANGELOG.md | 5 +- build-docker-images/build-images.sh | 96 +++++++++--- build-docker-images/build-images.yml | 8 +- build-docker-images/wazuh-indexer/Dockerfile | 7 +- build-docker-images/wazuh-manager/Dockerfile | 1 + .../wazuh-manager/config/filebeat_module.sh | 3 +- docs/dev/build-image.md | 2 +- indexer-certs-creator/Dockerfile | 4 +- indexer-certs-creator/README.md | 2 +- indexer-certs-creator/config/entrypoint.sh | 40 ++--- .../wazuh_dashboard/opensearch_dashboards.yml | 1 - multi-node/generate-indexer-certs.yml | 4 +- .../wazuh_dashboard/opensearch_dashboards.yml | 1 - single-node/generate-indexer-certs.yml | 4 +- 15 files changed, 211 insertions(+), 106 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index af6bc25d..7bfe0c67 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -11,10 +11,6 @@ on: docker_reference: description: 'wazuh-docker reference' required: true - products: - description: 'Comma-separated list of the image names to build and push' - default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer,wazuh-agent' - required: true filebeat_module_version: description: 'Filebeat module version' default: '0.4' @@ -23,11 +19,10 @@ on: description: 'Package revision' default: '1' required: true - push_images: - description: 'Push images' - type: boolean - default: true - required: true + reference: + description: 'Dev reference' + type: string + default: latest id: description: "ID used to identify the workflow uniquely." type: string @@ -48,11 +43,6 @@ on: description: 'wazuh-docker reference' required: false type: string - products: - description: 'Comma-separated list of the image names to build and push' - default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer,wazuh-agent' - required: true - type: string filebeat_module_version: description: 'Filebeat module version' default: '0.4' @@ -63,11 +53,10 @@ on: default: '1' required: true type: string - push_images: - description: 'Push images' - type: boolean - default: true - required: true + reference: + description: 'Dev reference' + type: string + default: latest id: description: "ID used to identify the workflow uniquely." type: string @@ -82,6 +71,16 @@ jobs: build-and-push: runs-on: ubuntu-22.04 + permissions: + id-token: write + contents: read + + env: + IMAGE_REGISTRY: ${{ inputs.dev && vars.IMAGE_REGISTRY_DEV || vars.IMAGE_REGISTRY_PROD }} + IMAGE_TAG: ${{ inputs.image_tag }} + FILEBEAT_MODULE_VERSION: ${{ inputs.filebeat_module_version }} + REVISION: ${{ inputs.revision }} + steps: - name: Print inputs run: | @@ -96,45 +95,97 @@ jobs: echo "* id: ${{ inputs.id }}" echo "* image_tag: ${{ inputs.image_tag }}" echo "* docker_reference: ${{ inputs.docker_reference }}" - echo "* products: ${{ inputs.products }}" echo "* filebeat_module_version: ${{ inputs.filebeat_module_version }}" echo "* revision: ${{ inputs.revision }}" - echo "* push_images: ${{ inputs.push_images }}" echo "* dev: ${{ inputs.dev }}" + echo "* dev reference: ${{ inputs.reference }}" echo "---------------------------------------------" - name: Checkout repository uses: actions/checkout@v4 with: ref: ${{ inputs.docker_reference }} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Configure aws credentials + if: ${{ inputs.dev == true }} + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.AWS_IAM_DOCKER_ROLE }} + aws-region: "${{ secrets.AWS_REGION }}" + + - name: Log in to Amazon ECR + if: ${{ inputs.dev == true }} + uses: aws-actions/amazon-ecr-login@v2 - name: Log in to Docker Hub + if: ${{ inputs.dev == false }} uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} + - name: Create packages-url.txt file + if : ${{ inputs.dev == true }} + run: | + cat << EOF > packages-url.txt + wazuh_manager_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1) + wazuh_manager_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1) + wazuh_manager_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1) + wazuh_manager_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1) + wazuh_indexer_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1) + wazuh_indexer_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1) + wazuh_indexer_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1) + wazuh_indexer_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1) + wazuh_dashboard_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1) + wazuh_dashboard_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1) + wazuh_dashboard_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1) + wazuh_dashboard_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1) + wazuh_agent_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1) + wazuh_agent_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1) + wazuh_agent_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1) + wazuh_agent_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1) + wazuh_agent_url_i386_msi: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 43200 --region us-west-1) + wazuh_agent_url_intel64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 43200 --region us-west-1) + wazuh_agent_url_arm64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 43200 --region us-west-1) + EOF + cat packages-url.txt + working-directory: ./build-docker-images + + - name: Save packages_url.txt file created as artifact + if: ${{ inputs.dev == true }} + uses: actions/upload-artifact@v4 + with: + name: packages_url.txt + path: /home/runner/work/wazuh-docker/wazuh-docker/build-docker-images/packages-url.txt + retention-days: 5 + - name: Build Wazuh images run: | - IMAGE_TAG=${{ inputs.image_tag }} - FILEBEAT_MODULE_VERSION=${{ inputs.filebeat_module_version }} - REVISION=${{ inputs.revision }} - - if [[ "$IMAGE_TAG" == *"-"* ]]; then - IFS='-' read -r -a tokens <<< "$IMAGE_TAG" - if [ -z "${tokens[1]}" ]; then - echo "Invalid image tag: $IMAGE_TAG" - exit 1 + if [ "${{ inputs.dev }}" = true ]; then + IMAGE_TAG="${{ inputs.image_tag }}-${{ inputs.reference }}" + ./build-images.sh -v ${{ inputs.image_tag }} -r $REVISION -d "dev" -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m -ref ${{ inputs.reference }} + else + if [[ "$IMAGE_TAG" == *"-"* ]]; then + IFS='-' read -r -a tokens <<< "$IMAGE_TAG" + if [ -z "${tokens[1]}" ]; then + echo "Invalid image tag: $IMAGE_TAG" + exit 1 + fi + DEV_STAGE=${tokens[1]} + WAZUH_VER=${tokens[0]} + ./build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m + else + ./build-images.sh -v $IMAGE_TAG -r $REVISION -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m fi - DEV_STAGE=${tokens[1]} - WAZUH_VER=${tokens[0]} - ./build-docker-images/build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION - else - ./build-docker-images/build-images.sh -v $IMAGE_TAG -r $REVISION -f $FILEBEAT_MODULE_VERSION fi - # Save .env file (generated by build-images.sh) contents to $GITHUB_ENV - ENV_FILE_PATH=".env" + ENV_FILE_PATH="../.env" if [ -f $ENV_FILE_PATH ]; then while IFS= read -r line || [ -n "$line" ]; do @@ -144,16 +195,4 @@ jobs: echo "The environment file $ENV_FILE_PATH does not exist!" exit 1 fi - - - name: Tag and Push Wazuh images - if: ${{ inputs.push_images }} - run: | - IMAGE_TAG="${{ inputs.image_tag }}$( [ "${{ inputs.dev }}" == "true" ] && echo '-dev' || true )" - IMAGE_NAMES=${{ inputs.products }} - IFS=',' read -r -a images <<< "$IMAGE_NAMES" - for image in "${images[@]}"; do - echo "Tagging and pushing wazuh/$image:${WAZUH_VERSION} to wazuh/$image:$IMAGE_TAG" - docker tag wazuh/$image:${WAZUH_VERSION} wazuh/$image:$IMAGE_TAG - echo "Pushing wazuh/$image:$IMAGE_TAG ..." - docker push wazuh/$image:$IMAGE_TAG - done + working-directory: ./build-docker-images diff --git a/CHANGELOG.md b/CHANGELOG.md index 76e24d67..6b9495b7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,7 +28,7 @@ All notable changes to this project will be documented in this file. ### Changed -- None +- Wazuh cert tool generator improvements ([#2027](https://github.com/wazuh/wazuh-docker/pull/2027)) ### Fixed @@ -46,6 +46,8 @@ All notable changes to this project will be documented in this file. ### Changed +- Change filebeat install method ([#2020](https://github.com/wazuh/wazuh-docker/pull/2020)) +- Remove dashboard chat setting ([#2021](https://github.com/wazuh/wazuh-docker/pull/2021)) - Rollback data source setting ([#1999](https://github.com/wazuh/wazuh-docker/pull/1999)) - Dashboard settings added ([#1998](https://github.com/wazuh/wazuh-docker/pull/1998)) - Add filebeat config file in the PERMANENT_DATA_EXCP list ([#1898](https://github.com/wazuh/wazuh-docker/pull/1898)) @@ -53,6 +55,7 @@ All notable changes to this project will be documented in this file. ### Fixed +- Change Wazuh indexer directory owner ([#2029](https://github.com/wazuh/wazuh-docker/pull/2029)) - Double the amount of space consumed in Wazuh Indexer ([#1953](https://github.com/wazuh/wazuh-docker/pull/1953)) - Fix config directory for opensearch_security plugin work ([#1951](https://github.com/wazuh/wazuh-docker/pull/1951)) - Update Dockerfile to copy opensearch-security files ([#1928](https://github.com/wazuh/wazuh-docker/pull/1928)) diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index d4f3f4ce..ceb4667d 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -15,6 +15,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} WAZUH_IMAGE_VERSION="5.0.0" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" +WAZUH_TAG_REFERENCE="" FILEBEAT_MODULE_VERSION="0.4" # ----------------------------------------------------------------------------- @@ -38,35 +39,65 @@ build() { WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')" FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}" + WAZUH_MINOR_VERSION="${WAZUH_IMAGE_VERSION%.*}" WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz" WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}" - if [ "${WAZUH_DEV_STAGE}" ];then - FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" - if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then - echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" - clean 1 - fi - else - if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then - FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}" - elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then - FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}" + if [ -z "${WAZUH_TAG_REFERENCE}" ]; then + if [ "${WAZUH_DEV_STAGE}" ];then + FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" + if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then + echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" + clean 1 + fi else - echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" - clean 1 + if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then + FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}" + elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then + FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}" + else + echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" + clean 1 + fi fi fi + # Variables + FILE="packages_url.txt" - echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env - echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> .env - echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> .env - echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> .env - echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> .env - echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env + if [[ -f "$FILE" ]]; then + echo "$FILE exists. Using existing file." + else + TAG="v${WAZUH_VERSION}" + REPO="wazuh/wazuh-docker" + GH_URL="https://api.github.com/repos/${REPO}/git/refs/tags/${TAG}" - docker compose -f build-docker-images/build-images.yml --env-file .env build --no-cache || clean 1 + if curl -fsSL "$GH_URL" >/dev/null 2>&1; then + curl -fsSL -o "$FILE" "https://packages.wazuh.com/${WAZUH_MINOR_VERSION}/packages_url.txt" + else + curl -fsSL -o "$FILE" "https://packages-dev.wazuh.com/${WAZUH_MINOR_VERSION}/packages_url.txt" + fi + fi + sed -Ei 's/^([^:]+):[[:space:]]+(https?:\/\/.*)$/\1=\2/' $FILE + sed 's/[-.]/_/g' $FILE > packages_env.txt + + echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > ../.env + echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> ../.env + echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> ../.env + echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> ../.env + echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> ../.env + echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> ../.env + echo WAZUH_REGISTRY=$WAZUH_REGISTRY >> ../.env + set -a + source ../.env + source packages_env.txt + set +a + + if [ "${MULTIARCH}" ];then + docker buildx bake --file build-images.yml --push --set *.platform=linux/amd64,linux/arm64 --no-cache|| clean 1 + else + docker buildx bake --file build-images.yml --no-cache|| clean 1 + fi return 0 } @@ -76,10 +107,13 @@ help() { echo echo "Usage: $0 [OPTIONS]" echo - echo " -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default." + echo " -d, --dev [Optional] Set the development stage you want to build, example rc2 or beta1, not used by default." echo " -f, --filebeat-module [Optional] Set Filebeat module version. By default ${FILEBEAT_MODULE_VERSION}." echo " -r, --revision [Optional] Package revision. By default ${WAZUH_TAG_REVISION}" + echo " -ref, --reference [Optional] Set the Wazuh reference to build development images. By default, the latest stable release." + echo " -rg, --registry [Optional] Set the Docker registry to push the images." echo " -v, --version [Optional] Set the Wazuh version should be builded. By default, ${WAZUH_IMAGE_VERSION}." + echo " -m, --multiarch [Optional] Enable multi-architecture builds." echo " -h, --help Show this help." echo exit $1 @@ -110,6 +144,10 @@ main() { help 1 fi ;; + "-m"|"--multiarch") + MULTIARCH="true" + shift + ;; "-r"|"--revision") if [ -n "${2}" ]; then WAZUH_TAG_REVISION="${2}" @@ -118,6 +156,22 @@ main() { help 1 fi ;; + "-ref"|"--reference") + if [ -n "${2}" ]; then + WAZUH_TAG_REFERENCE="${2}" + shift 2 + else + help 1 + fi + ;; + "-rg"|"--registry") + if [ -n "${2}" ]; then + WAZUH_REGISTRY="${2}" + shift 2 + else + help 1 + fi + ;; "-v"|"--version") if [ -n "$2" ]; then WAZUH_IMAGE_VERSION="$2" diff --git a/build-docker-images/build-images.yml b/build-docker-images/build-images.yml index 35d8d7a2..8f077440 100644 --- a/build-docker-images/build-images.yml +++ b/build-docker-images/build-images.yml @@ -8,7 +8,7 @@ services: WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} FILEBEAT_TEMPLATE_BRANCH: ${FILEBEAT_TEMPLATE_BRANCH} WAZUH_FILEBEAT_MODULE: ${WAZUH_FILEBEAT_MODULE} - image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION} + image: ${WAZUH_REGISTRY}/wazuh/wazuh-manager:${IMAGE_TAG} hostname: wazuh.manager restart: always ports: @@ -38,7 +38,7 @@ services: args: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} - image: wazuh/wazuh-agent:${WAZUH_IMAGE_VERSION} + image: ${WAZUH_REGISTRY}/wazuh/wazuh-agent:${IMAGE_TAG} hostname: wazuh.agent restart: always @@ -48,7 +48,7 @@ services: args: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} - image: wazuh/wazuh-indexer:${WAZUH_IMAGE_VERSION} + image: ${WAZUH_REGISTRY}/wazuh/wazuh-indexer:${IMAGE_TAG} hostname: wazuh.indexer restart: always ports: @@ -70,7 +70,7 @@ services: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} WAZUH_UI_REVISION: ${WAZUH_UI_REVISION} - image: wazuh/wazuh-dashboard:${WAZUH_IMAGE_VERSION} + image: ${WAZUH_REGISTRY}/wazuh/wazuh-dashboard:${IMAGE_TAG} hostname: wazuh.dashboard restart: always ports: diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index 27fc4c30..f63304ab 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -62,9 +62,10 @@ COPY config/entrypoint.sh / COPY config/securityadmin.sh / -RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh - -RUN chown 1000:1000 /*.sh +RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh && \ + mkdir -p /usr/share/wazuh-indexer && \ + chown 1000:1000 /usr/share/wazuh-indexer && \ + chown 1000:1000 /*.sh COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer/config diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index d2c11083..7078ab88 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -8,6 +8,7 @@ ARG WAZUH_TAG_REVISION ARG FILEBEAT_TEMPLATE_BRANCH ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 +ARG FILEBEAT_REVISION=2 ARG WAZUH_FILEBEAT_MODULE ARG S6_VERSION="v2.2.0.3" diff --git a/build-docker-images/wazuh-manager/config/filebeat_module.sh b/build-docker-images/wazuh-manager/config/filebeat_module.sh index 9926c6c1..dc475a47 100644 --- a/build-docker-images/wazuh-manager/config/filebeat_module.sh +++ b/build-docker-images/wazuh-manager/config/filebeat_module.sh @@ -7,6 +7,5 @@ if [[ -n "${WAZUH_TAG}" ]]; then REPOSITORY="packages.wazuh.com/5.x" fi -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ -yum install -y ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && \ +yum install filebeat-${FILEBEAT_VERSION}-${FILEBEAT_REVISION} -y && \ curl -s https://${REPOSITORY}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module \ No newline at end of file diff --git a/docs/dev/build-image.md b/docs/dev/build-image.md index 11fde42c..563f64e2 100644 --- a/docs/dev/build-image.md +++ b/docs/dev/build-image.md @@ -23,7 +23,7 @@ $ build-docker-images/build-images.sh -h Usage: build-docker-images/build-images.sh [OPTIONS] - -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. + -d, --dev [Optional] Set the development stage you want to build, example rc2 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 -v, --version [Optional] Set the Wazuh version should be builded. By default, 5.0.0. diff --git a/indexer-certs-creator/Dockerfile b/indexer-certs-creator/Dockerfile index 58b2583f..b9772abf 100644 --- a/indexer-certs-creator/Dockerfile +++ b/indexer-certs-creator/Dockerfile @@ -1,7 +1,7 @@ # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2) -FROM ubuntu:focal +FROM amazonlinux:2023 -RUN apt-get update && apt-get install openssl curl -y +RUN yum update -y && yum install openssl curl-minimal -y WORKDIR / diff --git a/indexer-certs-creator/README.md b/indexer-certs-creator/README.md index 10965097..8ddccdf5 100644 --- a/indexer-certs-creator/README.md +++ b/indexer-certs-creator/README.md @@ -5,5 +5,5 @@ The dockerfile hosted in this directory is used to build the image used to boot To create the image, the following command must be executed: ``` -$ docker build -t wazuh/wazuh-certs-generator:0.0.2 . +$ docker build -t wazuh/wazuh-certs-generator:0.0.3 . ``` diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 16f01da2..a222a5b9 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -8,29 +8,35 @@ ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/5.0/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/5.0/ +PACKAGES_URL=https://packages.wazuh.com/$CERT_TOOL_VERSION/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/$CERT_TOOL_VERSION/ -## Check if the cert tool exists in S3 buckets -CERT_TOOL_PACKAGES=$(curl --silent --head --location --output /dev/null --write-out "%{http_code}" "$PACKAGES_URL$CERT_TOOL") -CERT_TOOL_PACKAGES_DEV=$(curl --silent --head --location --output /dev/null --write-out "%{http_code}" "$PACKAGES_DEV_URL$CERT_TOOL") +OUTPUT_FILE="/$CERT_TOOL" -## If cert tool exists in some bucket, download it, if not exit 1 -if [ "$CERT_TOOL_PACKAGES" = "200" ]; then - curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s - echo "The tool to create the certificates exists in the in Packages bucket" -elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then - curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s - echo "The tool to create the certificates exists in Packages-dev bucket" +download_package() { + local url=$1 + echo "Checking $url$CERT_TOOL ..." + if curl -fsL "$url$CERT_TOOL" -o "$OUTPUT_FILE"; then + echo "Downloaded $CERT_TOOL from $url" + return 0 + else + return 1 + fi +} + +# Try first the prod URL, if it fails try the dev URL +if download_package "$PACKAGES_URL"; then + : +elif download_package "$PACKAGES_DEV_URL"; then + : else - echo "The tool to create the certificates does not exist in any bucket" - echo "ERROR: certificates were not created" - exit 1 + echo "The tool to create the certificates does not exist in any bucket" + echo "ERROR: certificates were not created" + exit 1 fi cp /config/certs.yml /config.yml - -chmod 700 /$CERT_TOOL +chmod 700 "$OUTPUT_FILE" ############################################################################## # Creating Cluster certificates diff --git a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml index 77b8381d..b59c48c1 100644 --- a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml +++ b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml @@ -14,4 +14,3 @@ uiSettings.overrides.defaultRoute: /app/wz-home opensearch_security.cookie.ttl: 900000 opensearch_security.session.ttl: 900000 opensearch_security.session.keepalive: true -assistant.chat.enabled: true diff --git a/multi-node/generate-indexer-certs.yml b/multi-node/generate-indexer-certs.yml index 3142ab1a..88927593 100644 --- a/multi-node/generate-indexer-certs.yml +++ b/multi-node/generate-indexer-certs.yml @@ -1,8 +1,10 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: generator: - image: wazuh/wazuh-certs-generator:0.0.2 + image: wazuh/wazuh-certs-generator:0.0.3 hostname: wazuh-certs-generator + environment: + - CERT_TOOL_VERSION=4.14 volumes: - ./config/wazuh_indexer_ssl_certs/:/certificates/ - ./config/certs.yml:/config/certs.yml \ No newline at end of file diff --git a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml index d8473877..07c81abf 100644 --- a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml +++ b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml @@ -14,4 +14,3 @@ uiSettings.overrides.defaultRoute: /app/wz-home opensearch_security.cookie.ttl: 900000 opensearch_security.session.ttl: 900000 opensearch_security.session.keepalive: true -assistant.chat.enabled: true diff --git a/single-node/generate-indexer-certs.yml b/single-node/generate-indexer-certs.yml index b7b7efb6..a941280f 100644 --- a/single-node/generate-indexer-certs.yml +++ b/single-node/generate-indexer-certs.yml @@ -1,8 +1,10 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: generator: - image: wazuh/wazuh-certs-generator:0.0.2 + image: wazuh/wazuh-certs-generator:0.0.3 hostname: wazuh-certs-generator + environment: + - CERT_TOOL_VERSION=4.14 volumes: - ./config/wazuh_indexer_ssl_certs/:/certificates/ - ./config/certs.yml:/config/certs.yml From 9882a9ca6d348fba9fc7730fa8570aa799796fba Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Tue, 28 Oct 2025 01:29:44 +0700 Subject: [PATCH 16/29] Change expiration time --- .../Procedure_push_docker_images.yml | 47 ++++++++----------- 1 file changed, 19 insertions(+), 28 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index 7bfe0c67..58148422 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -134,37 +134,28 @@ jobs: if : ${{ inputs.dev == true }} run: | cat << EOF > packages-url.txt - wazuh_manager_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1) - wazuh_manager_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1) - wazuh_manager_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1) - wazuh_manager_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1) - wazuh_indexer_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1) - wazuh_indexer_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1) - wazuh_indexer_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1) - wazuh_indexer_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1) - wazuh_dashboard_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1) - wazuh_dashboard_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1) - wazuh_dashboard_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1) - wazuh_dashboard_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1) - wazuh_agent_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 43200 --region us-west-1) - wazuh_agent_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 43200 --region us-west-1) - wazuh_agent_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 43200 --region us-west-1) - wazuh_agent_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 43200 --region us-west-1) - wazuh_agent_url_i386_msi: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 43200 --region us-west-1) - wazuh_agent_url_intel64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 43200 --region us-west-1) - wazuh_agent_url_arm64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 43200 --region us-west-1) + wazuh_manager_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1) + wazuh_manager_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1) + wazuh_manager_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1) + wazuh_manager_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1) + wazuh_indexer_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1) + wazuh_indexer_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1) + wazuh_indexer_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1) + wazuh_indexer_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1) + wazuh_dashboard_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1) + wazuh_dashboard_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1) + wazuh_dashboard_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1) + wazuh_dashboard_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1) + wazuh_agent_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1) + wazuh_agent_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1) + wazuh_agent_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1) + wazuh_agent_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1) + wazuh_agent_url_i386_msi: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 3600 --region us-west-1) + wazuh_agent_url_intel64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 3600 --region us-west-1) + wazuh_agent_url_arm64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 3600 --region us-west-1) EOF - cat packages-url.txt working-directory: ./build-docker-images - - name: Save packages_url.txt file created as artifact - if: ${{ inputs.dev == true }} - uses: actions/upload-artifact@v4 - with: - name: packages_url.txt - path: /home/runner/work/wazuh-docker/wazuh-docker/build-docker-images/packages-url.txt - retention-days: 5 - - name: Build Wazuh images run: | if [ "${{ inputs.dev }}" = true ]; then From b031e317f771cc9fd64d28d1259972a3ced2e329 Mon Sep 17 00:00:00 2001 From: wazuhci <22834044+wazuhci@users.noreply.github.com> Date: Thu, 30 Oct 2025 09:32:26 +0000 Subject: [PATCH 17/29] feat: bump 4.14.1 --- VERSION.json | 2 +- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- wazuh-agent/docker-compose.yml | 2 +- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/VERSION.json b/VERSION.json index f39ee7ab..9a5a2122 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1,4 +1,4 @@ { "version": "4.14.1", - "stage": "alpha0" + "stage": "rc1" } diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 8fd47f7d..400b5b02 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.master: - image: wazuh/wazuh-manager:4.14.1 + image: wazuh/wazuh-manager:4.14.1-rc1 hostname: wazuh.master restart: always ulimits: @@ -43,7 +43,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.14.1 + image: wazuh/wazuh-manager:4.14.1-rc1 hostname: wazuh.worker restart: always ulimits: @@ -79,7 +79,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.14.1 + image: wazuh/wazuh-indexer:4.14.1-rc1 hostname: wazuh1.indexer restart: always ports: @@ -105,7 +105,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.14.1 + image: wazuh/wazuh-indexer:4.14.1-rc1 hostname: wazuh2.indexer restart: always environment: @@ -127,7 +127,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.14.1 + image: wazuh/wazuh-indexer:4.14.1-rc1 hostname: wazuh3.indexer restart: always environment: @@ -149,7 +149,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.14.1 + image: wazuh/wazuh-dashboard:4.14.1-rc1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 673f3dcb..49448dd1 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.manager: - image: wazuh/wazuh-manager:4.14.1 + image: wazuh/wazuh-manager:4.14.1-rc1 hostname: wazuh.manager restart: always ulimits: @@ -44,7 +44,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.14.1 + image: wazuh/wazuh-indexer:4.14.1-rc1 hostname: wazuh.indexer restart: always ports: @@ -69,7 +69,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.14.1 + image: wazuh/wazuh-dashboard:4.14.1-rc1 hostname: wazuh.dashboard restart: always ports: diff --git a/wazuh-agent/docker-compose.yml b/wazuh-agent/docker-compose.yml index ba64d37e..2bdb9b61 100644 --- a/wazuh-agent/docker-compose.yml +++ b/wazuh-agent/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.agent: - image: wazuh/wazuh-agent:4.14.1 + image: wazuh/wazuh-agent:4.14.1-rc1 restart: always environment: - WAZUH_MANAGER_SERVER= From babaea694e2828a5f71477b6718c5ed7a5a5bfdd Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 22:11:30 +0700 Subject: [PATCH 18/29] Change install option --- .env | 8 +-- .gitignore | 4 +- build-docker-images/build-images.sh | 46 +++-------------- build-docker-images/build-images.yml | 16 +++--- build-docker-images/wazuh-agent/Dockerfile | 20 +++----- .../wazuh-agent/config/check_repository.sh | 15 ------ .../wazuh-dashboard/Dockerfile | 22 ++++---- .../config/check_repository.sh | 15 ------ build-docker-images/wazuh-indexer/Dockerfile | 29 +++-------- .../wazuh-indexer/config/check_repository.sh | 15 ------ build-docker-images/wazuh-manager/Dockerfile | 38 ++++---------- .../wazuh-manager/config/check_repository.sh | 15 ------ .../config/etc/cont-init.d/1-config-filebeat | 51 ------------------- .../etc/cont-init.d/{2-manager => 1-manager} | 0 .../config/etc/services.d/filebeat/finish | 6 --- .../config/etc/services.d/filebeat/run | 4 -- .../wazuh-manager/config/filebeat_module.sh | 11 ---- .../wazuh-manager/config/permanent_data.env | 6 --- docs/dev/build-image.md | 1 - 19 files changed, 56 insertions(+), 266 deletions(-) delete mode 100644 build-docker-images/wazuh-agent/config/check_repository.sh delete mode 100644 build-docker-images/wazuh-dashboard/config/check_repository.sh delete mode 100644 build-docker-images/wazuh-indexer/config/check_repository.sh delete mode 100644 build-docker-images/wazuh-manager/config/check_repository.sh delete mode 100644 build-docker-images/wazuh-manager/config/etc/cont-init.d/1-config-filebeat rename build-docker-images/wazuh-manager/config/etc/cont-init.d/{2-manager => 1-manager} (100%) delete mode 100644 build-docker-images/wazuh-manager/config/etc/services.d/filebeat/finish delete mode 100644 build-docker-images/wazuh-manager/config/etc/services.d/filebeat/run delete mode 100644 build-docker-images/wazuh-manager/config/filebeat_module.sh diff --git a/.env b/.env index c2d4e554..a8180776 100755 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ -WAZUH_VERSION=5.0.0 -WAZUH_IMAGE_VERSION=5.0.0 +WAZUH_VERSION=main +WAZUH_IMAGE_VERSION=main WAZUH_TAG_REVISION=1 -FILEBEAT_TEMPLATE_BRANCH=5.0.0 -WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz WAZUH_UI_REVISION=1 +WAZUH_REGISTRY=docker.io +IMAGE_TAG=main diff --git a/.gitignore b/.gitignore index 31bc423a..0ead0852 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,6 @@ single-node/config/wazuh_indexer_ssl_certs/*.pem single-node/config/wazuh_indexer_ssl_certs/*.key multi-node/config/wazuh_indexer_ssl_certs/*.pem multi-node/config/wazuh_indexer_ssl_certs/*.key -*.log \ No newline at end of file +*.log +build-docker-images/packages_env.txt +build-docker-images/packages-url.txt \ No newline at end of file diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index ceb4667d..402b160f 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -1,8 +1,10 @@ -WAZUH_IMAGE_VERSION=5.0.0 +WAZUH_IMAGE_VERSION=main +IMAGE_TAG=main WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g') WAZUH_TAG_REVISION=1 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') IMAGE_VERSION=${WAZUH_IMAGE_VERSION} +WAZUH_REGISTRY=docker.io # Wazuh package generator # Copyright (C) 2023, Wazuh Inc. @@ -12,11 +14,10 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} # License (version 2) as published by the FSF - Free Software # Foundation. -WAZUH_IMAGE_VERSION="5.0.0" +WAZUH_IMAGE_VERSION="main" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" WAZUH_TAG_REFERENCE="" -FILEBEAT_MODULE_VERSION="0.4" # ----------------------------------------------------------------------------- @@ -38,31 +39,11 @@ ctrl_c() { build() { WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')" - FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}" WAZUH_MINOR_VERSION="${WAZUH_IMAGE_VERSION%.*}" - WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz" WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}" - if [ -z "${WAZUH_TAG_REFERENCE}" ]; then - if [ "${WAZUH_DEV_STAGE}" ];then - FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}" - if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then - echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" - clean 1 - fi - else - if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then - FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}" - elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then - FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}" - else - echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}" - clean 1 - fi - fi - fi # Variables - FILE="packages_url.txt" + FILE="packages-url.txt" if [[ -f "$FILE" ]]; then echo "$FILE exists. Using existing file." @@ -77,20 +58,18 @@ build() { curl -fsSL -o "$FILE" "https://packages-dev.wazuh.com/${WAZUH_MINOR_VERSION}/packages_url.txt" fi fi - sed -Ei 's/^([^:]+):[[:space:]]+(https?:\/\/.*)$/\1=\2/' $FILE - sed 's/[-.]/_/g' $FILE > packages_env.txt + awk -F':' '{name=$1; val=substr($0,length(name)+3); gsub(/[-.]/,"_",name); print name "=" val}' $FILE > packages_env.txt echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > ../.env echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> ../.env echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> ../.env - echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> ../.env - echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> ../.env echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> ../.env echo WAZUH_REGISTRY=$WAZUH_REGISTRY >> ../.env + echo IMAGE_TAG=$IMAGE_TAG >> ../.env set -a source ../.env - source packages_env.txt + source ./packages_env.txt set +a if [ "${MULTIARCH}" ];then @@ -108,7 +87,6 @@ help() { echo "Usage: $0 [OPTIONS]" echo echo " -d, --dev [Optional] Set the development stage you want to build, example rc2 or beta1, not used by default." - echo " -f, --filebeat-module [Optional] Set Filebeat module version. By default ${FILEBEAT_MODULE_VERSION}." echo " -r, --revision [Optional] Package revision. By default ${WAZUH_TAG_REVISION}" echo " -ref, --reference [Optional] Set the Wazuh reference to build development images. By default, the latest stable release." echo " -rg, --registry [Optional] Set the Docker registry to push the images." @@ -136,14 +114,6 @@ main() { help 1 fi ;; - "-f"|"--filebeat-module") - if [ -n "${2}" ]; then - FILEBEAT_MODULE_VERSION="${2}" - shift 2 - else - help 1 - fi - ;; "-m"|"--multiarch") MULTIARCH="true" shift diff --git a/build-docker-images/build-images.yml b/build-docker-images/build-images.yml index 8f077440..9ed60754 100644 --- a/build-docker-images/build-images.yml +++ b/build-docker-images/build-images.yml @@ -6,8 +6,8 @@ services: args: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} - FILEBEAT_TEMPLATE_BRANCH: ${FILEBEAT_TEMPLATE_BRANCH} - WAZUH_FILEBEAT_MODULE: ${WAZUH_FILEBEAT_MODULE} + wazuh_manager_url_amd64_rpm: ${wazuh_manager_url_x86_64_rpm} + wazuh_manager_url_arm64_rpm: ${wazuh_manager_url_aarch64_rpm} image: ${WAZUH_REGISTRY}/wazuh/wazuh-manager:${IMAGE_TAG} hostname: wazuh.manager restart: always @@ -20,7 +20,6 @@ services: - INDEXER_URL=https://wazuh.indexer:9200 - INDEXER_USERNAME=admin - INDEXER_PASSWORD=admin - - FILEBEAT_SSL_VERIFICATION_MODE=none volumes: - wazuh_api_configuration:/var/ossec/api/configuration - wazuh_etc:/var/ossec/etc @@ -29,8 +28,6 @@ services: - wazuh_var_multigroups:/var/ossec/var/multigroups - wazuh_active_response:/var/ossec/active-response/bin - wazuh_wodles:/var/ossec/wodles - - filebeat_etc:/etc/filebeat - - filebeat_var:/var/lib/filebeat wazuh.agent: build: @@ -38,6 +35,8 @@ services: args: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} + wazuh_agent_url_amd64_rpm: ${wazuh_agent_url_x86_64_rpm} + wazuh_agent_url_arm64_rpm: ${wazuh_agent_url_aarch64_rpm} image: ${WAZUH_REGISTRY}/wazuh/wazuh-agent:${IMAGE_TAG} hostname: wazuh.agent restart: always @@ -48,6 +47,8 @@ services: args: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} + wazuh_indexer_url_amd64_rpm: ${wazuh_indexer_url_x86_64_rpm} + wazuh_indexer_url_arm64_rpm: ${wazuh_indexer_url_aarch64_rpm} image: ${WAZUH_REGISTRY}/wazuh/wazuh-indexer:${IMAGE_TAG} hostname: wazuh.indexer restart: always @@ -70,6 +71,8 @@ services: WAZUH_VERSION: ${WAZUH_VERSION} WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} WAZUH_UI_REVISION: ${WAZUH_UI_REVISION} + wazuh_dashboard_url_amd64_rpm: ${wazuh_dashboard_url_x86_64_rpm} + wazuh_dashboard_url_arm64_rpm: ${wazuh_dashboard_url_aarch64_rpm} image: ${WAZUH_REGISTRY}/wazuh/wazuh-dashboard:${IMAGE_TAG} hostname: wazuh.dashboard restart: always @@ -94,5 +97,4 @@ volumes: wazuh_var_multigroups: wazuh_active_response: wazuh_wodles: - filebeat_etc: - filebeat_var: + diff --git a/build-docker-images/wazuh-agent/Dockerfile b/build-docker-images/wazuh-agent/Dockerfile index 8a237787..fc24dbbd 100644 --- a/build-docker-images/wazuh-agent/Dockerfile +++ b/build-docker-images/wazuh-agent/Dockerfile @@ -10,18 +10,14 @@ ARG WAZUH_MANAGER='CHANGE_MANAGER_IP' ARG WAZUH_MANAGER_PORT='CHANGE_MANAGER_PORT' ARG WAZUH_REGISTRATION_SERVER='CHANGE_ENROLL_IP' ARG WAZUH_REGISTRATION_PORT='CHANGE_ENROLL_PORT' -ARG WAZUH_AGENT_NAME='CHANGEE_AGENT_NAME' +ARG WAZUH_AGENT_NAME='CHANGE_AGENT_NAME' +ARG wazuh_agent_url_amd64_rpm +ARG wazuh_agent_url_arm64_rpm -COPY config/check_repository.sh / - -RUN yum install curl-minimal tar gzip procps -y &&\ - yum clean all - -RUN chmod 775 /check_repository.sh -RUN source /check_repository.sh - -RUN yum install wazuh-agent-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ - yum clean all && \ +RUN dnf install curl-minimal tar gzip procps -y &&\ + curl -o wazuh-agent.rpm "${wazuh_agent_url_amd64_rpm}" && \ + dnf install /wazuh-agent.rpm -y && \ + dnf clean all && \ sed -i '//d' /var/ossec/etc/ossec.conf && \ curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ -o /tmp/s6-overlay-amd64.tar.gz && \ @@ -31,6 +27,4 @@ RUN yum install wazuh-agent-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ COPY config/etc/ /etc/ -RUN rm /etc/yum.repos.d/wazuh.repo - ENTRYPOINT [ "/init" ] diff --git a/build-docker-images/wazuh-agent/config/check_repository.sh b/build-docker-images/wazuh-agent/config/check_repository.sh deleted file mode 100644 index 26ff489c..00000000 --- a/build-docker-images/wazuh-agent/config/check_repository.sh +++ /dev/null @@ -1,15 +0,0 @@ -## variables -APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH -GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" -REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" -WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$) - -## check tag to use the correct repository -if [[ -n "${WAZUH_TAG}" ]]; then - APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH - GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" -fi - -rpm --import "${APT_KEY}" -echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 18f3976a..5cfae43d 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -5,16 +5,14 @@ ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION ARG WAZUH_UI_REVISION ARG INSTALL_DIR=/usr/share/wazuh-dashboard +ARG wazuh_dashboard_url_amd64_rpm +ARG wazuh_dashboard_url_arm64_rpm # Update and install dependencies -RUN yum install curl-minimal libcap openssl -y - -COPY config/check_repository.sh / -RUN chmod 775 /check_repository.sh && \ - source /check_repository.sh - -RUN yum install wazuh-dashboard-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ - yum clean all +RUN dnf install curl-minimal libcap openssl -y && \ + curl -o wazuh-dashboard.rpm "${wazuh_dashboard_url_amd64_rpm}" && \ + dnf install /wazuh-dashboard.rpm -y && \ + dnf clean all # Create and set permissions to data directories RUN mkdir -p $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh @@ -42,10 +40,8 @@ FROM amazonlinux:2023 ENV USER="wazuh-dashboard" \ GROUP="wazuh-dashboard" \ NAME="wazuh-dashboard" \ - INSTALL_DIR="/usr/share/wazuh-dashboard" - -# Set Wazuh app variables -ENV PATTERN="" \ + INSTALL_DIR="/usr/share/wazuh-dashboard" \ + PATTERN="" \ CHECKS_PATTERN="" \ CHECKS_TEMPLATE="" \ CHECKS_API="" \ @@ -60,7 +56,7 @@ ENV PATTERN="" \ WAZUH_MONITORING_REPLICAS="" # Update and install dependencies -RUN yum install shadow-utils -y +RUN dnf install shadow-utils -y && dnf clean all # Create wazuh-dashboard user and group RUN getent group $GROUP || groupadd -r -g 1000 $GROUP diff --git a/build-docker-images/wazuh-dashboard/config/check_repository.sh b/build-docker-images/wazuh-dashboard/config/check_repository.sh deleted file mode 100644 index 3defb44e..00000000 --- a/build-docker-images/wazuh-dashboard/config/check_repository.sh +++ /dev/null @@ -1,15 +0,0 @@ -## variables -APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH -GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" -REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" -WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$) - -## check tag to use the correct repository -if [[ -n "${WAZUH_TAG}" ]]; then - APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH - GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1" -fi - -rpm --import "${APT_KEY}" -echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo \ No newline at end of file diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index f63304ab..41adaef0 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -3,31 +3,16 @@ FROM amazonlinux:2023 AS builder ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION - -RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y - -COPY config/check_repository.sh / -RUN chmod 775 /check_repository.sh && \ - source /check_repository.sh - -RUN yum install wazuh-indexer-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ - yum clean all - -COPY config/opensearch.yml / +ARG wazuh_indexer_url_amd64_rpm +ARG wazuh_indexer_url_arm64_rpm COPY config/config.sh . -COPY config/config.yml / - -COPY config/action_groups.yml / - -COPY config/internal_users.yml / - -COPY config/roles_mapping.yml / - -COPY config/roles.yml / - -RUN bash config.sh +RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y &&\ + curl -o wazuh-indexer.rpm "${wazuh_indexer_url_amd64_rpm}" && \ + dnf install /wazuh-indexer.rpm -y && \ + dnf clean all && \ + bash config.sh ################################################################################ # Build stage 1 (the actual Wazuh indexer image): diff --git a/build-docker-images/wazuh-indexer/config/check_repository.sh b/build-docker-images/wazuh-indexer/config/check_repository.sh deleted file mode 100644 index 3defb44e..00000000 --- a/build-docker-images/wazuh-indexer/config/check_repository.sh +++ /dev/null @@ -1,15 +0,0 @@ -## variables -APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH -GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" -REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" -WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$) - -## check tag to use the correct repository -if [[ -n "${WAZUH_TAG}" ]]; then - APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH - GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1" -fi - -rpm --import "${APT_KEY}" -echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo \ No newline at end of file diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 7078ab88..12a9329a 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -5,28 +5,15 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION -ARG FILEBEAT_TEMPLATE_BRANCH -ARG FILEBEAT_CHANNEL=filebeat-oss -ARG FILEBEAT_VERSION=7.10.2 -ARG FILEBEAT_REVISION=2 -ARG WAZUH_FILEBEAT_MODULE ARG S6_VERSION="v2.2.0.3" +ARG wazuh_manager_url_amd64_rpm +ARG wazuh_manager_url_arm64_rpm -RUN yum install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\ - yum clean all - -COPY config/check_repository.sh / -COPY config/filebeat_module.sh / -COPY config/permanent_data.env config/permanent_data.sh / - -RUN chmod 775 /check_repository.sh -RUN source /check_repository.sh - -RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ - yum clean all && \ - chmod 775 /filebeat_module.sh && \ - source /filebeat_module.sh && \ - rm /filebeat_module.sh && \ +RUN dnf install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\ + dnf clean all && \ + curl -o wazuh-manager.rpm "${wazuh_manager_url_amd64_rpm}" && \ + dnf install /wazuh-manager.rpm -y && \ + dnf clean all && \ curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ -o /tmp/s6-overlay-amd64.tar.gz && \ tar xzf /tmp/s6-overlay-amd64.tar.gz -C / --exclude="./bin" && \ @@ -36,16 +23,11 @@ RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ COPY config/etc/ /etc/ COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py -COPY config/filebeat.yml /etc/filebeat/ - -RUN chmod go-w /etc/filebeat/filebeat.yml - -ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat -RUN chmod go-w /etc/filebeat/wazuh-template.json - # Prepare permanent data # Sync calls are due to https://github.com/docker/docker/issues/9547 +COPY config/permanent_data.env config/permanent_data.sh / + #Make mount directories for keep permissions RUN mkdir -p /var/ossec/var/multigroups && \ @@ -58,8 +40,6 @@ RUN mkdir -p /var/ossec/var/multigroups && \ sync && /permanent_data.sh && \ sync && rm /permanent_data.sh -RUN rm /etc/yum.repos.d/wazuh.repo - # Services ports EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp diff --git a/build-docker-images/wazuh-manager/config/check_repository.sh b/build-docker-images/wazuh-manager/config/check_repository.sh deleted file mode 100644 index 3defb44e..00000000 --- a/build-docker-images/wazuh-manager/config/check_repository.sh +++ /dev/null @@ -1,15 +0,0 @@ -## variables -APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH -GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" -REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" -WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$) - -## check tag to use the correct repository -if [[ -n "${WAZUH_TAG}" ]]; then - APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH - GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1" -fi - -rpm --import "${APT_KEY}" -echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo \ No newline at end of file diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/1-config-filebeat b/build-docker-images/wazuh-manager/config/etc/cont-init.d/1-config-filebeat deleted file mode 100644 index 0a3ed8ff..00000000 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/1-config-filebeat +++ /dev/null @@ -1,51 +0,0 @@ -#!/usr/bin/with-contenv bash -# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) - -set -e - -if [ "$INDEXER_URL" != "" ]; then - >&2 echo "Customize Elasticsearch output IP" - sed -i "s|hosts:.*|hosts: ['$INDEXER_URL']|g" /etc/filebeat/filebeat.yml -fi - -# Configure filebeat.yml security settings - -if [ "$INDEXER_USERNAME" != "" ]; then - >&2 echo "Configuring username." - sed -i "s|#username:.*|username:|g" /etc/filebeat/filebeat.yml - sed -i "s|username:.*|username: '$INDEXER_USERNAME'|g" /etc/filebeat/filebeat.yml -fi - -if [ "$INDEXER_PASSWORD" != "" ]; then - >&2 echo "Configuring password." - sed -i "s|#password:.*|password:|g" /etc/filebeat/filebeat.yml - sed -i "s|password:.*|password: '$INDEXER_PASSWORD'|g" /etc/filebeat/filebeat.yml -fi - -if [ "$FILEBEAT_SSL_VERIFICATION_MODE" != "" ]; then - >&2 echo "Configuring SSL verification mode." - sed -i "s|#ssl.verification_mode:.*|ssl.verification_mode:|g" /etc/filebeat/filebeat.yml - sed -i "s|ssl.verification_mode:.*|ssl.verification_mode: '$FILEBEAT_SSL_VERIFICATION_MODE'|g" /etc/filebeat/filebeat.yml -fi - -if [ "$SSL_CERTIFICATE_AUTHORITIES" != "" ]; then - >&2 echo "Configuring Certificate Authorities." - sed -i "s|#ssl.certificate_authorities:.*|ssl.certificate_authorities:|g" /etc/filebeat/filebeat.yml - sed -i "s|ssl.certificate_authorities:.*|ssl.certificate_authorities: ['$SSL_CERTIFICATE_AUTHORITIES']|g" /etc/filebeat/filebeat.yml -fi - -if [ "$SSL_CERTIFICATE" != "" ]; then - >&2 echo "Configuring SSL Certificate." - sed -i "s|#ssl.certificate:.*|ssl.certificate:|g" /etc/filebeat/filebeat.yml - sed -i "s|ssl.certificate:.*|ssl.certificate: '$SSL_CERTIFICATE'|g" /etc/filebeat/filebeat.yml -fi - -if [ "$SSL_KEY" != "" ]; then - >&2 echo "Configuring SSL Key." - sed -i "s|#ssl.key:.*|ssl.key:|g" /etc/filebeat/filebeat.yml - sed -i "s|ssl.key:.*|ssl.key: '$SSL_KEY'|g" /etc/filebeat/filebeat.yml -fi - - -chmod go-w /etc/filebeat/filebeat.yml || true -chown root: /etc/filebeat/filebeat.yml || true diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager b/build-docker-images/wazuh-manager/config/etc/cont-init.d/1-manager similarity index 100% rename from build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager rename to build-docker-images/wazuh-manager/config/etc/cont-init.d/1-manager diff --git a/build-docker-images/wazuh-manager/config/etc/services.d/filebeat/finish b/build-docker-images/wazuh-manager/config/etc/services.d/filebeat/finish deleted file mode 100644 index 8813eb67..00000000 --- a/build-docker-images/wazuh-manager/config/etc/services.d/filebeat/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env sh -echo >&2 "Filebeat exited. code=${1}" - -# terminate other services to exit from the container -exec s6-svscanctl -t /var/run/s6/services - diff --git a/build-docker-images/wazuh-manager/config/etc/services.d/filebeat/run b/build-docker-images/wazuh-manager/config/etc/services.d/filebeat/run deleted file mode 100644 index 706ee5af..00000000 --- a/build-docker-images/wazuh-manager/config/etc/services.d/filebeat/run +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/with-contenv sh -echo >&2 "starting Filebeat" - -exec /usr/share/filebeat/bin/filebeat -e -c /etc/filebeat/filebeat.yml -path.home /usr/share/filebeat -path.config /etc/filebeat -path.data /var/lib/filebeat -path.logs /var/log/filebeat diff --git a/build-docker-images/wazuh-manager/config/filebeat_module.sh b/build-docker-images/wazuh-manager/config/filebeat_module.sh deleted file mode 100644 index dc475a47..00000000 --- a/build-docker-images/wazuh-manager/config/filebeat_module.sh +++ /dev/null @@ -1,11 +0,0 @@ -## variables -REPOSITORY="packages-dev.wazuh.com/pre-release" -WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$) - -## check tag to use the correct repository -if [[ -n "${WAZUH_TAG}" ]]; then - REPOSITORY="packages.wazuh.com/5.x" -fi - -yum install filebeat-${FILEBEAT_VERSION}-${FILEBEAT_REVISION} -y && \ -curl -s https://${REPOSITORY}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module \ No newline at end of file diff --git a/build-docker-images/wazuh-manager/config/permanent_data.env b/build-docker-images/wazuh-manager/config/permanent_data.env index 26a61289..ae0527a3 100644 --- a/build-docker-images/wazuh-manager/config/permanent_data.env +++ b/build-docker-images/wazuh-manager/config/permanent_data.env @@ -7,7 +7,6 @@ PERMANENT_DATA[((i++))]="/var/ossec/queue" PERMANENT_DATA[((i++))]="/var/ossec/var/multigroups" PERMANENT_DATA[((i++))]="/var/ossec/active-response/bin" PERMANENT_DATA[((i++))]="/var/ossec/wodles" -PERMANENT_DATA[((i++))]="/etc/filebeat" export PERMANENT_DATA @@ -73,11 +72,6 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/exceptions.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/buckets/bucket.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/buckets/access_logs.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/pubsub/subscriber.py" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malicious-ip" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malicious-domains" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malware-hashes" -PERMANENT_DATA_EXCP[((i++))]="/etc/filebeat/wazuh-template.json" -PERMANENT_DATA_EXCP[((i++))]="/etc/filebeat/filebeat.yml" export PERMANENT_DATA_EXCP # Files mounted in a volume that should be deleted diff --git a/docs/dev/build-image.md b/docs/dev/build-image.md index 563f64e2..4c2c4512 100644 --- a/docs/dev/build-image.md +++ b/docs/dev/build-image.md @@ -24,7 +24,6 @@ $ build-docker-images/build-images.sh -h Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc2 or beta1, not used by default. - -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 -v, --version [Optional] Set the Wazuh version should be builded. By default, 5.0.0. -h, --help Show this help. From 3a605b3f6a28c45d223c2b822e84241dad2fb5f6 Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 22:17:16 +0700 Subject: [PATCH 19/29] Delete filebeat options --- .../workflows/Procedure_push_docker_images.yml | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index 58148422..c662c63d 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -11,10 +11,6 @@ on: docker_reference: description: 'wazuh-docker reference' required: true - filebeat_module_version: - description: 'Filebeat module version' - default: '0.4' - required: true revision: description: 'Package revision' default: '1' @@ -43,11 +39,6 @@ on: description: 'wazuh-docker reference' required: false type: string - filebeat_module_version: - description: 'Filebeat module version' - default: '0.4' - required: true - type: string revision: description: 'Package revision' default: '1' @@ -78,7 +69,6 @@ jobs: env: IMAGE_REGISTRY: ${{ inputs.dev && vars.IMAGE_REGISTRY_DEV || vars.IMAGE_REGISTRY_PROD }} IMAGE_TAG: ${{ inputs.image_tag }} - FILEBEAT_MODULE_VERSION: ${{ inputs.filebeat_module_version }} REVISION: ${{ inputs.revision }} steps: @@ -160,7 +150,7 @@ jobs: run: | if [ "${{ inputs.dev }}" = true ]; then IMAGE_TAG="${{ inputs.image_tag }}-${{ inputs.reference }}" - ./build-images.sh -v ${{ inputs.image_tag }} -r $REVISION -d "dev" -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m -ref ${{ inputs.reference }} + ./build-images.sh -v ${{ inputs.image_tag }} -r $REVISION -d "dev" -rg $IMAGE_REGISTRY -m -ref ${{ inputs.reference }} else if [[ "$IMAGE_TAG" == *"-"* ]]; then IFS='-' read -r -a tokens <<< "$IMAGE_TAG" @@ -170,9 +160,9 @@ jobs: fi DEV_STAGE=${tokens[1]} WAZUH_VER=${tokens[0]} - ./build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m + ./build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -rg $IMAGE_REGISTRY -m else - ./build-images.sh -v $IMAGE_TAG -r $REVISION -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m + ./build-images.sh -v $IMAGE_TAG -r $REVISION -rg $IMAGE_REGISTRY -m fi fi # Save .env file (generated by build-images.sh) contents to $GITHUB_ENV From 34ebf7a8592e86525a9b5520d22eee0e0742728c Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 22:23:29 +0700 Subject: [PATCH 20/29] Add quotes to URLs --- .../Procedure_push_docker_images.yml | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index c662c63d..35a99c5e 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -124,25 +124,25 @@ jobs: if : ${{ inputs.dev == true }} run: | cat << EOF > packages-url.txt - wazuh_manager_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1) - wazuh_manager_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1) - wazuh_manager_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1) - wazuh_manager_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1) - wazuh_indexer_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1) - wazuh_indexer_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1) - wazuh_indexer_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1) - wazuh_indexer_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1) - wazuh_dashboard_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1) - wazuh_dashboard_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1) - wazuh_dashboard_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1) - wazuh_dashboard_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1) - wazuh_agent_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1) - wazuh_agent_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1) - wazuh_agent_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1) - wazuh_agent_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1) - wazuh_agent_url_i386_msi: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 3600 --region us-west-1) - wazuh_agent_url_intel64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 3600 --region us-west-1) - wazuh_agent_url_arm64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 3600 --region us-west-1) + wazuh_manager_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)" + wazuh_manager_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)" + wazuh_manager_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)" + wazuh_manager_url_aarch64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)" + wazuh_indexer_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)" + wazuh_indexer_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)" + wazuh_indexer_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)" + wazuh_indexer_url_aarch64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)" + wazuh_dashboard_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)" + wazuh_dashboard_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)" + wazuh_dashboard_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)" + wazuh_dashboard_url_aarch64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)" + wazuh_agent_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)" + wazuh_agent_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)" + wazuh_agent_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)" + wazuh_agent_url_aarch64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)" + wazuh_agent_url_i386_msi: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 3600 --region us-west-1)" + wazuh_agent_url_intel64_pkg: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 3600 --region us-west-1)" + wazuh_agent_url_arm64_pkg: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 3600 --region us-west-1)" EOF working-directory: ./build-docker-images From d46c4ef5b2defc887efa074c68ffb05415dbded2 Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 22:32:31 +0700 Subject: [PATCH 21/29] Add rpm path --- build-docker-images/wazuh-agent/Dockerfile | 2 +- build-docker-images/wazuh-dashboard/Dockerfile | 2 +- build-docker-images/wazuh-indexer/Dockerfile | 2 +- build-docker-images/wazuh-manager/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/build-docker-images/wazuh-agent/Dockerfile b/build-docker-images/wazuh-agent/Dockerfile index fc24dbbd..8e0b59d0 100644 --- a/build-docker-images/wazuh-agent/Dockerfile +++ b/build-docker-images/wazuh-agent/Dockerfile @@ -15,7 +15,7 @@ ARG wazuh_agent_url_amd64_rpm ARG wazuh_agent_url_arm64_rpm RUN dnf install curl-minimal tar gzip procps -y &&\ - curl -o wazuh-agent.rpm "${wazuh_agent_url_amd64_rpm}" && \ + curl -o /wazuh-agent.rpm "${wazuh_agent_url_amd64_rpm}" && \ dnf install /wazuh-agent.rpm -y && \ dnf clean all && \ sed -i '//d' /var/ossec/etc/ossec.conf && \ diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 5cfae43d..a00233b2 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -10,7 +10,7 @@ ARG wazuh_dashboard_url_arm64_rpm # Update and install dependencies RUN dnf install curl-minimal libcap openssl -y && \ - curl -o wazuh-dashboard.rpm "${wazuh_dashboard_url_amd64_rpm}" && \ + curl -o /wazuh-dashboard.rpm "${wazuh_dashboard_url_amd64_rpm}" && \ dnf install /wazuh-dashboard.rpm -y && \ dnf clean all diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index 41adaef0..526da7ea 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -9,7 +9,7 @@ ARG wazuh_indexer_url_arm64_rpm COPY config/config.sh . RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y &&\ - curl -o wazuh-indexer.rpm "${wazuh_indexer_url_amd64_rpm}" && \ + curl -o /wazuh-indexer.rpm "${wazuh_indexer_url_amd64_rpm}" && \ dnf install /wazuh-indexer.rpm -y && \ dnf clean all && \ bash config.sh diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 12a9329a..614bf6f6 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -11,7 +11,7 @@ ARG wazuh_manager_url_arm64_rpm RUN dnf install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\ dnf clean all && \ - curl -o wazuh-manager.rpm "${wazuh_manager_url_amd64_rpm}" && \ + curl -o /wazuh-manager.rpm "${wazuh_manager_url_amd64_rpm}" && \ dnf install /wazuh-manager.rpm -y && \ dnf clean all && \ curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ From d654b17189c4898470eb96e35aa0e02674ccf679 Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 22:35:14 +0700 Subject: [PATCH 22/29] Add packages-url.txt artifact --- .github/workflows/Procedure_push_docker_images.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index 35a99c5e..9c647b42 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -146,6 +146,14 @@ jobs: EOF working-directory: ./build-docker-images + - name: Save packages-url.txt as artifact + if: ${{ inputs.dev == true }} + uses: actions/upload-artifact@v4 + with: + name: packages-url.txt + path: /home/runner/work/wazuh-docker/wazuh-docker/build-docker-images/packages-url.txt + retention-days: 1 + - name: Build Wazuh images run: | if [ "${{ inputs.dev }}" = true ]; then From 46829ed9ee279ee58a70e9d77da148f9e6d30fbc Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 22:58:39 +0700 Subject: [PATCH 23/29] Add architecture target --- build-docker-images/wazuh-agent/Dockerfile | 2 +- build-docker-images/wazuh-dashboard/Dockerfile | 2 +- build-docker-images/wazuh-indexer/Dockerfile | 2 +- build-docker-images/wazuh-manager/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/build-docker-images/wazuh-agent/Dockerfile b/build-docker-images/wazuh-agent/Dockerfile index 8e0b59d0..61b19bed 100644 --- a/build-docker-images/wazuh-agent/Dockerfile +++ b/build-docker-images/wazuh-agent/Dockerfile @@ -15,7 +15,7 @@ ARG wazuh_agent_url_amd64_rpm ARG wazuh_agent_url_arm64_rpm RUN dnf install curl-minimal tar gzip procps -y &&\ - curl -o /wazuh-agent.rpm "${wazuh_agent_url_amd64_rpm}" && \ + curl -o /wazuh-agent.rpm "${wazuh_agent_url_$TARGETARCH_rpm}" && \ dnf install /wazuh-agent.rpm -y && \ dnf clean all && \ sed -i '//d' /var/ossec/etc/ossec.conf && \ diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index a00233b2..16db2b83 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -10,7 +10,7 @@ ARG wazuh_dashboard_url_arm64_rpm # Update and install dependencies RUN dnf install curl-minimal libcap openssl -y && \ - curl -o /wazuh-dashboard.rpm "${wazuh_dashboard_url_amd64_rpm}" && \ + curl -o /wazuh-dashboard.rpm "${wazuh_dashboard_url_$TARGETARCH_rpm}" && \ dnf install /wazuh-dashboard.rpm -y && \ dnf clean all diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index 526da7ea..e627373b 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -9,7 +9,7 @@ ARG wazuh_indexer_url_arm64_rpm COPY config/config.sh . RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y &&\ - curl -o /wazuh-indexer.rpm "${wazuh_indexer_url_amd64_rpm}" && \ + curl -o /wazuh-indexer.rpm "${wazuh_indexer_url_$TARGETARCH_rpm}" && \ dnf install /wazuh-indexer.rpm -y && \ dnf clean all && \ bash config.sh diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 614bf6f6..104d8929 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -11,7 +11,7 @@ ARG wazuh_manager_url_arm64_rpm RUN dnf install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\ dnf clean all && \ - curl -o /wazuh-manager.rpm "${wazuh_manager_url_amd64_rpm}" && \ + curl -o /wazuh-manager.rpm "${wazuh_manager_url_$TARGETARCH_rpm}" && \ dnf install /wazuh-manager.rpm -y && \ dnf clean all && \ curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ From cb8a69026f6dde12012e09a0ea608804b1d4df61 Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 23:09:19 +0700 Subject: [PATCH 24/29] Add url variables --- build-docker-images/wazuh-agent/Dockerfile | 7 +++++-- build-docker-images/wazuh-dashboard/Dockerfile | 7 +++++-- build-docker-images/wazuh-indexer/Dockerfile | 7 +++++-- build-docker-images/wazuh-manager/Dockerfile | 7 +++++-- 4 files changed, 20 insertions(+), 8 deletions(-) diff --git a/build-docker-images/wazuh-agent/Dockerfile b/build-docker-images/wazuh-agent/Dockerfile index 61b19bed..3b90c23e 100644 --- a/build-docker-images/wazuh-agent/Dockerfile +++ b/build-docker-images/wazuh-agent/Dockerfile @@ -11,11 +11,14 @@ ARG WAZUH_MANAGER_PORT='CHANGE_MANAGER_PORT' ARG WAZUH_REGISTRATION_SERVER='CHANGE_ENROLL_IP' ARG WAZUH_REGISTRATION_PORT='CHANGE_ENROLL_PORT' ARG WAZUH_AGENT_NAME='CHANGE_AGENT_NAME' +ARG TARGETARCH ARG wazuh_agent_url_amd64_rpm ARG wazuh_agent_url_arm64_rpm -RUN dnf install curl-minimal tar gzip procps -y &&\ - curl -o /wazuh-agent.rpm "${wazuh_agent_url_$TARGETARCH_rpm}" && \ +RUN URL_VAR="wazuh_agent_url_${TARGETARCH}_rpm" && \ + agent_url="${!URL_VAR}" && \ + dnf install curl-minimal tar gzip procps -y &&\ + curl -o /wazuh-agent.rpm "${agent_url}" && \ dnf install /wazuh-agent.rpm -y && \ dnf clean all && \ sed -i '//d' /var/ossec/etc/ossec.conf && \ diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 16db2b83..aef330c9 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -5,12 +5,15 @@ ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION ARG WAZUH_UI_REVISION ARG INSTALL_DIR=/usr/share/wazuh-dashboard +ARG TARGETARCH ARG wazuh_dashboard_url_amd64_rpm ARG wazuh_dashboard_url_arm64_rpm # Update and install dependencies -RUN dnf install curl-minimal libcap openssl -y && \ - curl -o /wazuh-dashboard.rpm "${wazuh_dashboard_url_$TARGETARCH_rpm}" && \ +RUN URL_VAR="wazuh_dashboard_url_${TARGETARCH}_rpm" && \ + dashboard_url="${!URL_VAR}" && \ + dnf install curl-minimal libcap openssl -y && \ + curl -o /wazuh-dashboard.rpm "${dashboard_url}" && \ dnf install /wazuh-dashboard.rpm -y && \ dnf clean all diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index e627373b..ed250a4d 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -3,13 +3,16 @@ FROM amazonlinux:2023 AS builder ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION +ARG TARGETARCH ARG wazuh_indexer_url_amd64_rpm ARG wazuh_indexer_url_arm64_rpm COPY config/config.sh . -RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y &&\ - curl -o /wazuh-indexer.rpm "${wazuh_indexer_url_$TARGETARCH_rpm}" && \ +RUN URL_VAR="wazuh_indexer_url_${TARGETARCH}_rpm" && \ + indexer_url="${!URL_VAR}" && \ + dnf install curl-minimal openssl xz tar findutils shadow-utils -y &&\ + curl -o /wazuh-indexer.rpm "${indexer_url}" && \ dnf install /wazuh-indexer.rpm -y && \ dnf clean all && \ bash config.sh diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 104d8929..258638e4 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -6,12 +6,15 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION ARG S6_VERSION="v2.2.0.3" +ARG TARGETARCH ARG wazuh_manager_url_amd64_rpm ARG wazuh_manager_url_arm64_rpm -RUN dnf install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\ +RUN URL_VAR="wazuh_manager_url_${TARGETARCH}_rpm" && \ + manager_url="${!URL_VAR}" && \ + dnf install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\ dnf clean all && \ - curl -o /wazuh-manager.rpm "${wazuh_manager_url_$TARGETARCH_rpm}" && \ + curl -o /wazuh-manager.rpm "${manager_url}" && \ dnf install /wazuh-manager.rpm -y && \ dnf clean all && \ curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ From 8c6a0a931912cce70d1d2bff4b2820adf4159280 Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 23:28:06 +0700 Subject: [PATCH 25/29] Add free space step --- .github/workflows/Procedure_push_docker_images.yml | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index 9c647b42..cfb6454c 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -91,6 +91,9 @@ jobs: echo "* dev reference: ${{ inputs.reference }}" echo "---------------------------------------------" + - name: free disk space + uses: ./.github/free-disk-space + - name: Checkout repository uses: actions/checkout@v4 with: @@ -146,14 +149,6 @@ jobs: EOF working-directory: ./build-docker-images - - name: Save packages-url.txt as artifact - if: ${{ inputs.dev == true }} - uses: actions/upload-artifact@v4 - with: - name: packages-url.txt - path: /home/runner/work/wazuh-docker/wazuh-docker/build-docker-images/packages-url.txt - retention-days: 1 - - name: Build Wazuh images run: | if [ "${{ inputs.dev }}" = true ]; then From eb49d515d8a92839f728e0f1caf3946ac3b15d66 Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Thu, 30 Oct 2025 23:32:32 +0700 Subject: [PATCH 26/29] Add free space step --- .github/workflows/Procedure_push_docker_images.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index cfb6454c..e8094f83 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -91,13 +91,13 @@ jobs: echo "* dev reference: ${{ inputs.reference }}" echo "---------------------------------------------" - - name: free disk space - uses: ./.github/free-disk-space - - name: Checkout repository uses: actions/checkout@v4 with: ref: ${{ inputs.docker_reference }} + + - name: free disk space + uses: ./.github/free-disk-space - name: Set up QEMU uses: docker/setup-qemu-action@v3 From fd5034c3d51fc5df7b8063204d8269e2fcd8c35e Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Fri, 31 Oct 2025 00:44:42 +0700 Subject: [PATCH 27/29] Modify packages_url.txt filename --- .github/workflows/Procedure_push_docker_images.yml | 4 ++-- .gitignore | 2 +- build-docker-images/build-images.sh | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index e8094f83..c6b17fe0 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -123,10 +123,10 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Create packages-url.txt file + - name: Create packages_url.txt file if : ${{ inputs.dev == true }} run: | - cat << EOF > packages-url.txt + cat << EOF > packages_url.txt wazuh_manager_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)" wazuh_manager_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)" wazuh_manager_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)" diff --git a/.gitignore b/.gitignore index 0ead0852..269239fd 100644 --- a/.gitignore +++ b/.gitignore @@ -4,4 +4,4 @@ multi-node/config/wazuh_indexer_ssl_certs/*.pem multi-node/config/wazuh_indexer_ssl_certs/*.key *.log build-docker-images/packages_env.txt -build-docker-images/packages-url.txt \ No newline at end of file +build-docker-images/packages_url.txt \ No newline at end of file diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 402b160f..95b23ebd 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -43,7 +43,7 @@ build() { WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}" # Variables - FILE="packages-url.txt" + FILE="packages_url.txt" if [[ -f "$FILE" ]]; then echo "$FILE exists. Using existing file." From 913dd89e272b72de04e2d53d44c345dbc3214a15 Mon Sep 17 00:00:00 2001 From: Victor Carlos Erenu Date: Fri, 31 Oct 2025 01:01:58 +0700 Subject: [PATCH 28/29] Add changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6b9495b7..a748abc8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,8 @@ All notable changes to this project will be documented in this file. ### Changed +- Modify Wazuh components install method ([#2058](https://github.com/wazuh/wazuh-puppet/issues/2058)) +- Image builder Workflow Rebuild ([#2054](https://github.com/wazuh/wazuh-puppet/issues/2054)) - Wazuh server clean-up ([#2030](https://github.com/wazuh/wazuh-puppet/issues/2030)) - Fix OpenSearch deprecated settings ([#1366](https://github.com/wazuh/wazuh-puppet/issues/1366)) From f7cebff2e9754c85410b5a22bdff7fdc52b4167b Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 31 Oct 2025 10:09:11 +0100 Subject: [PATCH 29/29] Remove image tag for 4.14.1 rc1 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- wazuh-agent/docker-compose.yml | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 400b5b02..8fd47f7d 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.master: - image: wazuh/wazuh-manager:4.14.1-rc1 + image: wazuh/wazuh-manager:4.14.1 hostname: wazuh.master restart: always ulimits: @@ -43,7 +43,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.14.1-rc1 + image: wazuh/wazuh-manager:4.14.1 hostname: wazuh.worker restart: always ulimits: @@ -79,7 +79,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.14.1-rc1 + image: wazuh/wazuh-indexer:4.14.1 hostname: wazuh1.indexer restart: always ports: @@ -105,7 +105,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.14.1-rc1 + image: wazuh/wazuh-indexer:4.14.1 hostname: wazuh2.indexer restart: always environment: @@ -127,7 +127,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.14.1-rc1 + image: wazuh/wazuh-indexer:4.14.1 hostname: wazuh3.indexer restart: always environment: @@ -149,7 +149,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.14.1-rc1 + image: wazuh/wazuh-dashboard:4.14.1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 49448dd1..673f3dcb 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.manager: - image: wazuh/wazuh-manager:4.14.1-rc1 + image: wazuh/wazuh-manager:4.14.1 hostname: wazuh.manager restart: always ulimits: @@ -44,7 +44,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.14.1-rc1 + image: wazuh/wazuh-indexer:4.14.1 hostname: wazuh.indexer restart: always ports: @@ -69,7 +69,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.14.1-rc1 + image: wazuh/wazuh-dashboard:4.14.1 hostname: wazuh.dashboard restart: always ports: diff --git a/wazuh-agent/docker-compose.yml b/wazuh-agent/docker-compose.yml index 2bdb9b61..ba64d37e 100644 --- a/wazuh-agent/docker-compose.yml +++ b/wazuh-agent/docker-compose.yml @@ -1,7 +1,7 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: wazuh.agent: - image: wazuh/wazuh-agent:4.14.1-rc1 + image: wazuh/wazuh-agent:4.14.1 restart: always environment: - WAZUH_MANAGER_SERVER=