From 79399f5b4b8c37bef7784b762229fb67967f4e76 Mon Sep 17 00:00:00 2001 From: wazuhci <22834044+wazuhci@users.noreply.github.com> Date: Fri, 26 Sep 2025 06:51:45 +0000 Subject: [PATCH 01/18] feat: bump 4.14.0 --- VERSION.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION.json b/VERSION.json index af2b5c0..60dcbfb 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1,4 +1,4 @@ { "version": "4.14.0", - "stage": "alpha0" + "stage": "alpha1" } From 3caae3fdf273ed291e4d25a163e5bb31fbe37dae Mon Sep 17 00:00:00 2001 From: wazuhci <22834044+wazuhci@users.noreply.github.com> Date: Thu, 9 Oct 2025 10:00:32 +0000 Subject: [PATCH 02/18] feat: bump 4.14.0 --- VERSION.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION.json b/VERSION.json index 60dcbfb..2a0ff37 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1,4 +1,4 @@ { "version": "4.14.0", - "stage": "alpha1" + "stage": "rc1" } From 7b0ee67ae5acaa17c7652095cc6a5229ecfff07d Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Wed, 15 Oct 2025 18:58:03 -0300 Subject: [PATCH 03/18] Add fixes to test if build time is improved --- .../ansible_playbooks/ova_generator.yaml | 70 +++++++++++++++++-- ova/workflow_assets/Vagrantfile | 2 +- 2 files changed, 64 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ansible_playbooks/ova_generator.yaml b/.github/workflows/ansible_playbooks/ova_generator.yaml index bca8f81..75d4076 100644 --- a/.github/workflows/ansible_playbooks/ova_generator.yaml +++ b/.github/workflows/ansible_playbooks/ova_generator.yaml @@ -115,7 +115,7 @@ register: vagrant_up_result become: true - - name: Run vagrant up + - name: Run vagrant up shell: | #!/bin/bash MAX_RETRIES=100 
@@ -179,16 +179,72 @@ retries: 30 delay: 60 - - name: Stop the VM - shell: "vagrant halt" - args: - chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" + # ========================================== + # NUEVO: AÑADIR RED PRIVADA AQUÍ + # ========================================== - - name: Configure VM network in VirtualBox + - name: Add private network to VM (two-step approach) shell: | + echo "=== Checking for host-only network ===" + if ! vboxmanage list hostonlyifs | grep -q vboxnet0; then + echo "Creating host-only network interface..." + vboxmanage hostonlyif create + fi + + echo "" + echo "=== Adding NIC2 to ova_base VM ===" vboxmanage modifyvm ova_base --nic2 hostonly vboxmanage modifyvm ova_base --cableconnected2 on + echo "" + echo "=== Verifying network configuration ===" + vboxmanage showvminfo ova_base | grep "NIC 2" + + echo "" + echo "✓ Private network added successfully" + register: add_network_result + + - name: Show network addition results + debug: + var: add_network_result.stdout_lines + + # ========================================== + # OPCIONAL: VERIFICAR QUE FUNCIONA + # ========================================== + + - name: Quick test - Start VM and verify eth1 + shell: | + cd /tmp/wazuh-virtual-machines/ova/workflow_assets + + echo "=== Starting VM to test network ===" + vagrant up + + echo "" + echo "=== Waiting 20 seconds for network initialization ===" + sleep 20 + + echo "" + echo "=== Checking eth1 inside VM ===" + vagrant ssh -c "ip addr show eth1 || echo 'eth1 exists but no IP yet (normal)'" + + echo "" + echo "=== Stopping VM ===" + vagrant halt + + echo "" + echo "✓ Network test completed" + args: + chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" + register: network_test_result + + - name: Show network test results + debug: + var: network_test_result.stdout_lines + + # ========================================== + # CONTINUAR CON EXPORT NORMAL + # ========================================== + - name: Export the VM to 
OVA shell: "vboxmanage export ova_base --output /home/ec2-user/{{ filename_ova }}" register: export_result @@ -202,7 +258,7 @@ until: job_result.finished retries: 30 delay: 60 - + - name: Change permissions to the OVA file file: path: /home/ec2-user/{{ filename_ova }} diff --git a/ova/workflow_assets/Vagrantfile b/ova/workflow_assets/Vagrantfile index 6f701d5..fc0a6fc 100644 --- a/ova/workflow_assets/Vagrantfile +++ b/ova/workflow_assets/Vagrantfile @@ -13,7 +13,7 @@ Vagrant.configure("2") do |config| # Create a private network, which allows host-only access to the machine # using a specific IP. - config.vm.network "private_network", ip: "192.168.56.22", interface: "2" + #config.vm.network "private_network", ip: "192.168.56.22", interface: "2" config.vm.hostname = "wazuh-server" # Example for VirtualBox: From b167c22bf28dad602ba37a23b694ca1935ea952d Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Wed, 15 Oct 2025 19:31:36 -0300 Subject: [PATCH 04/18] Add show inventory and not delete vm --- .github/workflows/builder_OVA.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/builder_OVA.yaml b/.github/workflows/builder_OVA.yaml index 2651130..ab3d531 100644 --- a/.github/workflows/builder_OVA.yaml +++ b/.github/workflows/builder_OVA.yaml 
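Review bot: `vboxmanage modifyvm ova_base --nic2 hostonly` in the new "Add private network to VM (two-step approach)" task appears to run against a VM that is still up, because this hunk deletes the "Stop the VM" (`vagrant halt`) task that used to precede the NIC change. VirtualBox only accepts `modifyvm` on a powered-off machine. The script has no error handling, so a rejected `modifyvm` is still followed by the unconditional `echo "✓ Private network added successfully"` and the task returns 0. Keep the `vagrant halt` task ahead of this one and start the script with `set -euo pipefail` (with `args:` / `executable: /bin/bash` on the task), so a NIC that was not added stops the build before the export.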
@@ -175,6 +175,10 @@ jobs: echo "[gha_instance]" > ${{ env.ALLOCATOR_PATH }}/inventory_ansible.ini echo "${{ env.ansible_host }} ansible_port=${{ env.ansible_port }} ansible_user=${{ env.ansible_user }} ansible_ssh_private_key_file=${{ env.ansible_ssh_private_key_file }} ansible_ssh_common_args='${{ env.ansible_ssh_common_args }}'" >> ${{ env.ALLOCATOR_PATH }}/inventory_ansible.ini + - name: Show inventory + run: | + cat ${{ env.ALLOCATOR_PATH }}/inventory_ansible.ini + - name: Install Python3 in the AWS instance run: | ssh -p ${{ env.ansible_port }} -i ${{ env.ansible_ssh_private_key_file }} -o 'StrictHostKeyChecking no' ${{ env.ansible_user }}@${{ env.ansible_host }} "sudo yum install -y python3" @@ -218,6 +222,6 @@ jobs: s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_PATH }}/${{ env.FILENAME_SHA }}" echo "S3 sha512 OVA URI: ${s3uri}" - - name: Delete allocated VM - if: always() && steps.alloc_vm.outcome == 'success' - run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output ${{ env.ALLOCATOR_PATH }}/track.yml + #- name: Delete allocated VM + # if: always() && steps.alloc_vm.outcome == 'success' + # run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output ${{ env.ALLOCATOR_PATH }}/track.yml From 9d4890c25613743b4de04bad7b85ed45fb1b741a Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 16 Oct 2025 00:20:48 -0300 Subject: [PATCH 05/18] Add full diagnosis --- .../ansible_playbooks/ova_generator.yaml | 314 ++++++++++-------- 1 file changed, 182 insertions(+), 132 deletions(-) diff --git a/.github/workflows/ansible_playbooks/ova_generator.yaml b/.github/workflows/ansible_playbooks/ova_generator.yaml index 75d4076..50f6a54 100644 --- a/.github/workflows/ansible_playbooks/ova_generator.yaml +++ b/.github/workflows/ansible_playbooks/ova_generator.yaml 
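Review bot: The new "Show inventory" step prints `inventory_ansible.ini` into the job log, and the context lines just above it show that this file holds the build host's address, SSH port, user, private-key path and SSH options. Job logs are retained after the run and are readable by everyone who can view the repository's workflow runs, so this publishes connection details for a host that the next step reaches with `StrictHostKeyChecking no`. If the step is only a debugging aid, remove it before merge or gate it, for example with `if: runner.debug == '1'`. The path should also be quoted: `cat "${{ env.ALLOCATOR_PATH }}/inventory_ansible.ini"`.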
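Review bot: Commenting out "Delete allocated VM" removes the only cleanup visible in this hunk, so every run leaves the allocated AWS instance running, including the failed and cancelled runs that the `if: always()` condition was there to cover. An orphaned builder keeps its SSH endpoint and whatever keys and build material the run left on it, and nothing in the workflow records which instances still need removal. If the instance has to survive for inspection, make that an explicit opt-in instead of the default. For example, add a boolean workflow input (called `keep_vm` here as a placeholder) and restore the step with `if: always() && steps.alloc_vm.outcome == 'success' && !inputs.keep_vm`.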
@@ -112,154 +112,204 @@ fi args: executable: /bin/bash - register: vagrant_up_result + register: vagrant_cleanup_result become: true - - name: Run vagrant up + # ========================================== + # DIAGNÓSTICO ANTES DE VAGRANT UP + # ========================================== + + - name: Pre-vagrant diagnostics + shell: | + echo "==========================================" + echo "PRE-VAGRANT UP DIAGNOSTICS" + echo "==========================================" + echo "" + + echo "=== System Resources ===" + free -h + echo "" + df -h /tmp + echo "" + + echo "=== VirtualBox Status ===" + vboxmanage --version + lsmod | grep vbox + echo "" + + echo "=== Vagrant Info ===" + vagrant --version + vagrant box list + echo "" + + echo "=== Vagrantfile Content ===" + cd /tmp/wazuh-virtual-machines/ova/workflow_assets + cat Vagrantfile + echo "" + + echo "=== Existing VMs ===" + vboxmanage list vms + vboxmanage list runningvms + echo "" + + register: pre_vagrant_diag + + - name: Show pre-vagrant diagnostics + debug: + var: pre_vagrant_diag.stdout_lines + + # ========================================== + # VAGRANT UP CON LOGGING DETALLADO + # ========================================== + + - name: Run vagrant up with detailed logging and timeout monitoring shell: | #!/bin/bash - MAX_RETRIES=100 - attempts=0 + set -x + cd /tmp/wazuh-virtual-machines/ova/workflow_assets - while true; do - ((attempts++)) - echo "Attempt $attempts" - if vagrant up; then - break - else - if [ $attempts -eq $MAX_RETRIES ]; then - echo "Max attempts reached" - exit 1 + + echo "==========================================" + echo "STARTING VAGRANT UP WITH DETAILED LOGGING" + echo "Started at: $(date)" + echo "==========================================" + + # Start vagrant up in background with full debug logging + VAGRANT_LOG=debug vagrant up > /tmp/vagrant_debug.log 2>&1 & + VAGRANT_PID=$! 
+ + echo "Vagrant PID: $VAGRANT_PID" + + # Monitor for 10 minutes with detailed status updates + elapsed=0 + max_wait=600 # 10 minutes + + while kill -0 $VAGRANT_PID 2>/dev/null; do + sleep 30 + elapsed=$((elapsed + 30)) + + echo "" + echo "=== Status at ${elapsed} seconds ===" + echo "Time: $(date)" + + # Check VirtualBox VM status + if vboxmanage showvminfo ova_base >/dev/null 2>&1; then + echo "VM exists, checking state:" + vboxmanage showvminfo ova_base | grep -E "State:|Session name:" + + # Check if SSH port is open + vm_state=$(vboxmanage showvminfo ova_base | grep "State:" | head -1) + if echo "$vm_state" | grep -q "running"; then + echo "VM is running, checking SSH port:" + ss -tln | grep :2222 || echo "SSH port 2222 not listening yet" fi - vagrant destroy -f + else + echo "VM 'ova_base' does not exist yet" + fi + + # Show last 10 lines of vagrant output + echo "" + echo "Last 10 lines of vagrant log:" + tail -10 /tmp/vagrant_debug.log | sed 's/^/ /' + + # Check for specific error patterns + if grep -q "Timed out" /tmp/vagrant_debug.log; then + echo "⚠ WARNING: Found 'Timed out' in logs" + fi + if grep -q "SSH auth method" /tmp/vagrant_debug.log; then + echo "⚠ WARNING: SSH authentication issue detected" + fi + if grep -q "Waiting for machine to boot" /tmp/vagrant_debug.log; then + echo "ℹ INFO: Waiting for machine to boot (this is normal)" + fi + + # Timeout check + if [ $elapsed -ge $max_wait ]; then + echo "" + echo "==========================================" + echo "TIMEOUT after ${max_wait} seconds" + echo "==========================================" + + echo "" + echo "=== Killing vagrant process ===" + kill -TERM $VAGRANT_PID 2>/dev/null + sleep 5 + kill -9 $VAGRANT_PID 2>/dev/null || true + + echo "" + echo "=== Last 100 lines of vagrant debug log ===" + tail -100 /tmp/vagrant_debug.log + + echo "" + echo "=== VirtualBox final state ===" + vboxmanage list vms + vboxmanage list runningvms + if vboxmanage showvminfo ova_base >/dev/null 2>&1; then + 
vboxmanage showvminfo ova_base + fi + + exit 1 fi done + + # Vagrant process finished, check result + wait $VAGRANT_PID + exit_code=$? + + echo "" + echo "==========================================" + if [ $exit_code -eq 0 ]; then + echo "SUCCESS - Vagrant up completed" + echo "Duration: ${elapsed} seconds" + else + echo "FAILED - Vagrant up failed with exit code: $exit_code" + echo "Duration: ${elapsed} seconds" + echo "" + echo "=== Full vagrant debug log ===" + cat /tmp/vagrant_debug.log + fi + echo "==========================================" + + exit $exit_code + args: executable: /bin/bash - async: 7200 - poll: 0 register: vagrant_up_result - become: true + ignore_errors: yes + timeout: 900 # 15 minutes hard limit - - name: Wait for vagrant up to finish - async_status: - jid: "{{ vagrant_up_result.ansible_job_id }}" - register: job_result - until: job_result.finished - retries: 120 - delay: 60 - - - name: Show the result of the vagrant up command + - name: Show vagrant up results debug: - var: vagrant_up_result - verbosity: 2 + var: vagrant_up_result.stdout_lines - - name: Copy the Python script to the VM + - name: Save vagrant debug log for analysis shell: | - cd /tmp/wazuh-virtual-machines/ova/workflow_assets - vagrant plugin install vagrant-scp - vagrant scp ova_configurer.py :/tmp/ova_configurer.py - args: - chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" - become: true - - - name: Execute Python script in the VM - shell: "vagrant ssh -c 'sudo python3 /tmp/ova_configurer.py --wia_branch {{ wia_branch }} --wvm_branch {{ wvm_branch }} --repository {{ repository }} --debug {{ debug}}'" - args: - chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" - register: python_script_result - async: 1800 - poll: 0 - - - name: Wait for the Python script to finish - async_status: - jid: "{{ python_script_result.ansible_job_id }}" - register: job_result - until: job_result.finished - retries: 30 - delay: 60 - - # ========================================== - # 
NUEVO: AÑADIR RED PRIVADA AQUÍ - # ========================================== - - - name: Add private network to VM (two-step approach) - shell: | - echo "=== Checking for host-only network ===" - if ! vboxmanage list hostonlyifs | grep -q vboxnet0; then - echo "Creating host-only network interface..." - vboxmanage hostonlyif create + if [ -f /tmp/vagrant_debug.log ]; then + echo "=== VAGRANT DEBUG LOG AVAILABLE ===" + echo "Log size: $(wc -l /tmp/vagrant_debug.log | awk '{print $1}') lines" + echo "" + echo "=== Searching for key patterns ===" + echo "" + echo "Boot timeouts:" + grep -i "timed out\|timeout" /tmp/vagrant_debug.log | head -20 || echo "None found" + echo "" + echo "SSH issues:" + grep -i "ssh\|authentication" /tmp/vagrant_debug.log | grep -i "error\|fail\|timeout" | head -20 || echo "None found" + echo "" + echo "Network issues:" + grep -i "network\|interface\|adapter" /tmp/vagrant_debug.log | grep -i "error\|fail" | head -20 || echo "None found" + echo "" + echo "Last 50 lines:" + tail -50 /tmp/vagrant_debug.log fi + register: log_analysis + ignore_errors: yes - echo "" - echo "=== Adding NIC2 to ova_base VM ===" - vboxmanage modifyvm ova_base --nic2 hostonly - vboxmanage modifyvm ova_base --cableconnected2 on - - echo "" - echo "=== Verifying network configuration ===" - vboxmanage showvminfo ova_base | grep "NIC 2" - - echo "" - echo "✓ Private network added successfully" - register: add_network_result - - - name: Show network addition results + - name: Show log analysis debug: - var: add_network_result.stdout_lines + var: log_analysis.stdout_lines - # ========================================== - # OPCIONAL: VERIFICAR QUE FUNCIONA - # ========================================== - - - name: Quick test - Start VM and verify eth1 - shell: | - cd /tmp/wazuh-virtual-machines/ova/workflow_assets - - echo "=== Starting VM to test network ===" - vagrant up - - echo "" - echo "=== Waiting 20 seconds for network initialization ===" - sleep 20 - - echo "" - 
echo "=== Checking eth1 inside VM ===" - vagrant ssh -c "ip addr show eth1 || echo 'eth1 exists but no IP yet (normal)'" - - echo "" - echo "=== Stopping VM ===" - vagrant halt - - echo "" - echo "✓ Network test completed" - args: - chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" - register: network_test_result - - - name: Show network test results - debug: - var: network_test_result.stdout_lines - - # ========================================== - # CONTINUAR CON EXPORT NORMAL - # ========================================== - - - name: Export the VM to OVA - shell: "vboxmanage export ova_base --output /home/ec2-user/{{ filename_ova }}" - register: export_result - async: 1800 - poll: 0 - - - name: Wait for export the OVA - async_status: - jid: "{{ export_result.ansible_job_id }}" - register: job_result - until: job_result.finished - retries: 30 - delay: 60 - - - name: Change permissions to the OVA file - file: - path: /home/ec2-user/{{ filename_ova }} - mode: '0755' + - name: Fail playbook if vagrant up failed + fail: + msg: "Vagrant up failed. Check logs above for details." + when: vagrant_up_result.rc != 0 \ No newline at end of file From bb7d806a9bddd4d0d2e3c4953668f17bb9a5d2bc Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 16 Oct 2025 02:30:14 -0300 Subject: [PATCH 06/18] Add simple diagnosis --- .../ansible_playbooks/ova_generator.yaml | 297 ++++++++---------- 1 file changed, 123 insertions(+), 174 deletions(-) diff --git a/.github/workflows/ansible_playbooks/ova_generator.yaml b/.github/workflows/ansible_playbooks/ova_generator.yaml index 50f6a54..4d4f619 100644 --- a/.github/workflows/ansible_playbooks/ova_generator.yaml +++ b/.github/workflows/ansible_playbooks/ova_generator.yaml 
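Review bot: `vagrant up > /tmp/vagrant_debug.log 2>&1` writes to a fixed, predictable name in a world-writable directory, and the later tasks in this hunk read that path back with `tail`, `grep` and `cat` into the playbook output. If any other local account exists on the build host, a file or symlink created at that path beforehand decides where the write lands and what ends up in the job log. The same pattern returns as `/tmp/vagrant_${attempts}.log` in PATCH 06/18 and PATCH 07/18, where the task runs with `become: true`, so there the write is done as root. Create a log directory with `mode: '0700'` in an earlier `file:` task and point the redirect and the readers at it. Who can log in to the build host is not visible from this hunk.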
@@ -112,204 +112,153 @@ fi args: executable: /bin/bash - register: vagrant_cleanup_result become: true # ========================================== - # DIAGNÓSTICO ANTES DE VAGRANT UP + # VAGRANT UP - CAMBIO MÍNIMO: SOLO LOG A ARCHIVO # ========================================== - - name: Pre-vagrant diagnostics - shell: | - echo "==========================================" - echo "PRE-VAGRANT UP DIAGNOSTICS" - echo "==========================================" - echo "" - - echo "=== System Resources ===" - free -h - echo "" - df -h /tmp - echo "" - - echo "=== VirtualBox Status ===" - vboxmanage --version - lsmod | grep vbox - echo "" - - echo "=== Vagrant Info ===" - vagrant --version - vagrant box list - echo "" - - echo "=== Vagrantfile Content ===" - cd /tmp/wazuh-virtual-machines/ova/workflow_assets - cat Vagrantfile - echo "" - - echo "=== Existing VMs ===" - vboxmanage list vms - vboxmanage list runningvms - echo "" - - register: pre_vagrant_diag - - - name: Show pre-vagrant diagnostics - debug: - var: pre_vagrant_diag.stdout_lines - - # ========================================== - # VAGRANT UP CON LOGGING DETALLADO - # ========================================== - - - name: Run vagrant up with detailed logging and timeout monitoring + - name: Run vagrant up shell: | #!/bin/bash - set -x - + MAX_RETRIES=5 + attempts=0 cd /tmp/wazuh-virtual-machines/ova/workflow_assets - echo "==========================================" - echo "STARTING VAGRANT UP WITH DETAILED LOGGING" - echo "Started at: $(date)" - echo "==========================================" + while true; do + ((attempts++)) + echo "Attempt $attempts at $(date)" - # Start vagrant up in background with full debug logging - VAGRANT_LOG=debug vagrant up > /tmp/vagrant_debug.log 2>&1 & - VAGRANT_PID=$! 
- - echo "Vagrant PID: $VAGRANT_PID" - - # Monitor for 10 minutes with detailed status updates - elapsed=0 - max_wait=600 # 10 minutes - - while kill -0 $VAGRANT_PID 2>/dev/null; do - sleep 30 - elapsed=$((elapsed + 30)) - - echo "" - echo "=== Status at ${elapsed} seconds ===" - echo "Time: $(date)" - - # Check VirtualBox VM status - if vboxmanage showvminfo ova_base >/dev/null 2>&1; then - echo "VM exists, checking state:" - vboxmanage showvminfo ova_base | grep -E "State:|Session name:" - - # Check if SSH port is open - vm_state=$(vboxmanage showvminfo ova_base | grep "State:" | head -1) - if echo "$vm_state" | grep -q "running"; then - echo "VM is running, checking SSH port:" - ss -tln | grep :2222 || echo "SSH port 2222 not listening yet" - fi + # Log to file sin saturar SSH + if VAGRANT_LOG=info vagrant up > /tmp/vagrant_${attempts}.log 2>&1; then + echo "Success on attempt $attempts" + break else - echo "VM 'ova_base' does not exist yet" - fi - - # Show last 10 lines of vagrant output - echo "" - echo "Last 10 lines of vagrant log:" - tail -10 /tmp/vagrant_debug.log | sed 's/^/ /' - - # Check for specific error patterns - if grep -q "Timed out" /tmp/vagrant_debug.log; then - echo "⚠ WARNING: Found 'Timed out' in logs" - fi - if grep -q "SSH auth method" /tmp/vagrant_debug.log; then - echo "⚠ WARNING: SSH authentication issue detected" - fi - if grep -q "Waiting for machine to boot" /tmp/vagrant_debug.log; then - echo "ℹ INFO: Waiting for machine to boot (this is normal)" - fi - - # Timeout check - if [ $elapsed -ge $max_wait ]; then - echo "" - echo "==========================================" - echo "TIMEOUT after ${max_wait} seconds" - echo "==========================================" - - echo "" - echo "=== Killing vagrant process ===" - kill -TERM $VAGRANT_PID 2>/dev/null - sleep 5 - kill -9 $VAGRANT_PID 2>/dev/null || true - - echo "" - echo "=== Last 100 lines of vagrant debug log ===" - tail -100 /tmp/vagrant_debug.log - - echo "" - echo "=== 
VirtualBox final state ===" - vboxmanage list vms - vboxmanage list runningvms - if vboxmanage showvminfo ova_base >/dev/null 2>&1; then - vboxmanage showvminfo ova_base + echo "Failed on attempt $attempts" + if [ $attempts -eq $MAX_RETRIES ]; then + echo "Max attempts reached" + echo "Last 30 lines of log:" + tail -30 /tmp/vagrant_${attempts}.log + exit 1 fi - - exit 1 + vagrant destroy -f fi done - - # Vagrant process finished, check result - wait $VAGRANT_PID - exit_code=$? - - echo "" - echo "==========================================" - if [ $exit_code -eq 0 ]; then - echo "SUCCESS - Vagrant up completed" - echo "Duration: ${elapsed} seconds" - else - echo "FAILED - Vagrant up failed with exit code: $exit_code" - echo "Duration: ${elapsed} seconds" - echo "" - echo "=== Full vagrant debug log ===" - cat /tmp/vagrant_debug.log - fi - echo "==========================================" - - exit $exit_code - args: executable: /bin/bash + async: 3600 # 1 hora + poll: 0 register: vagrant_up_result - ignore_errors: yes - timeout: 900 # 15 minutes hard limit + become: true - - name: Show vagrant up results + - name: Wait for vagrant up to finish + async_status: + jid: "{{ vagrant_up_result.ansible_job_id }}" + register: job_result + until: job_result.finished + retries: 60 # 60 minutos + delay: 60 + + - name: Show vagrant up result debug: - var: vagrant_up_result.stdout_lines + var: job_result.stdout_lines + when: job_result.stdout_lines is defined - - name: Save vagrant debug log for analysis + # ========================================== + # GUARDAR LOGS PARA ANÁLISIS (SOLO SI FALLA) + # ========================================== + + - name: Collect vagrant logs if failed shell: | - if [ -f /tmp/vagrant_debug.log ]; then - echo "=== VAGRANT DEBUG LOG AVAILABLE ===" - echo "Log size: $(wc -l /tmp/vagrant_debug.log | awk '{print $1}') lines" + if [ -f /tmp/vagrant_*.log ]; then + echo "=== Vagrant logs available ===" + ls -lh /tmp/vagrant_*.log echo "" - echo "=== 
Searching for key patterns ===" - echo "" - echo "Boot timeouts:" - grep -i "timed out\|timeout" /tmp/vagrant_debug.log | head -20 || echo "None found" - echo "" - echo "SSH issues:" - grep -i "ssh\|authentication" /tmp/vagrant_debug.log | grep -i "error\|fail\|timeout" | head -20 || echo "None found" - echo "" - echo "Network issues:" - grep -i "network\|interface\|adapter" /tmp/vagrant_debug.log | grep -i "error\|fail" | head -20 || echo "None found" - echo "" - echo "Last 50 lines:" - tail -50 /tmp/vagrant_debug.log + echo "=== Last attempt log (last 50 lines) ===" + tail -50 /tmp/vagrant_*.log | tail -1 fi - register: log_analysis + register: vagrant_logs + when: job_result.rc != 0 ignore_errors: yes - - name: Show log analysis + - name: Show vagrant logs debug: - var: log_analysis.stdout_lines + var: vagrant_logs.stdout_lines + when: + - job_result.rc != 0 + - vagrant_logs.stdout_lines is defined - - name: Fail playbook if vagrant up failed - fail: - msg: "Vagrant up failed. Check logs above for details." 
- when: vagrant_up_result.rc != 0 \ No newline at end of file + # ========================================== + # CONTINUAR NORMAL SI VAGRANT UP FUNCIONÓ + # ========================================== + + - name: Copy the Python script to the VM + shell: | + cd /tmp/wazuh-virtual-machines/ova/workflow_assets + vagrant plugin install vagrant-scp + vagrant scp ova_configurer.py :/tmp/ova_configurer.py + args: + chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" + become: true + + - name: Execute Python script in the VM + shell: "vagrant ssh -c 'sudo python3 /tmp/ova_configurer.py --wia_branch {{ wia_branch }} --wvm_branch {{ wvm_branch }} --repository {{ repository }} --debug {{ debug}}'" + args: + chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" + register: python_script_result + async: 1800 + poll: 0 + + - name: Wait for the Python script to finish + async_status: + jid: "{{ python_script_result.ansible_job_id }}" + register: job_result + until: job_result.finished + retries: 30 + delay: 60 + + - name: Stop the VM + shell: "vagrant halt" + args: + chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" + + # ========================================== + # AÑADIR RED PRIVADA DESPUÉS DE HALT + # ========================================== + + - name: Add private network to VM + shell: | + # Verificar/crear host-only interface + if ! 
vboxmanage list hostonlyifs | grep -q vboxnet0; then + vboxmanage hostonlyif create + fi + + # Añadir NIC2 + vboxmanage modifyvm ova_base --nic2 hostonly + vboxmanage modifyvm ova_base --cableconnected2 on + + echo "Network configured" + vboxmanage showvminfo ova_base | grep "NIC 2" + + # ========================================== + # EXPORT OVA + # ========================================== + + - name: Export the VM to OVA + shell: "vboxmanage export ova_base --output /home/ec2-user/{{ filename_ova }}" + register: export_result + async: 1800 + poll: 0 + + - name: Wait for export the OVA + async_status: + jid: "{{ export_result.ansible_job_id }}" + register: job_result + until: job_result.finished + retries: 30 + delay: 60 + + - name: Change permissions to the OVA file + file: + path: /home/ec2-user/{{ filename_ova }} + mode: '0755' \ No newline at end of file From abcd1715e9fac219e99c9a934f8234b95607a4ea Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 16 Oct 2025 03:33:16 -0300 Subject: [PATCH 07/18] Add more loggin and boot timeout in vagrant --- .../ansible_playbooks/ova_generator.yaml | 250 +++++++++++++++--- ova/workflow_assets/Vagrantfile | 1 + 2 files changed, 209 insertions(+), 42 deletions(-) diff --git a/.github/workflows/ansible_playbooks/ova_generator.yaml b/.github/workflows/ansible_playbooks/ova_generator.yaml index 4d4f619..d500a44 100644 --- a/.github/workflows/ansible_playbooks/ova_generator.yaml +++ b/.github/workflows/ansible_playbooks/ova_generator.yaml 
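Review bot: The restored "Execute Python script in the VM" task splices `{{ wia_branch }}`, `{{ wvm_branch }}`, `{{ repository }}` and `{{ debug }}` unquoted into a shell string that is parsed once on the builder and again by the guest shell under `sudo`. Any shell metacharacter in one of those values would therefore change the command that runs. Where the variables are set is outside this hunk; if they come from workflow inputs, as the names suggest, they need checking before use. Because the command is nested inside `vagrant ssh -c '...'`, a plain `| quote` on each value would collide with the outer single quotes. The simpler guard is an `assert` task ahead of this one that requires each value to match a strict pattern such as `^[A-Za-z0-9._/-]+$`.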
@@ -115,38 +115,157 @@ become: true # ========================================== - # VAGRANT UP - CAMBIO MÍNIMO: SOLO LOG A ARCHIVO + # AUMENTAR BOOT TIMEOUT EN VAGRANTFILE # ========================================== - - name: Run vagrant up + - name: Increase Vagrant boot timeout + shell: | + cd /tmp/wazuh-virtual-machines/ova/workflow_assets + + # Backup original + cp Vagrantfile Vagrantfile.original + + # Add boot_timeout configuration + sed -i '/config.vm.hostname = "wazuh-server"/a \ \n # Increase boot timeout for reliability\n config.vm.boot_timeout = 900 # 15 minutes' Vagrantfile + + echo "=== Modified Vagrantfile ===" + cat Vagrantfile + register: vagrantfile_mod + + - name: Show Vagrantfile modification + debug: + var: vagrantfile_mod.stdout_lines + + # ========================================== + # VAGRANT UP CON LOGGING MEJORADO + # ========================================== + + - name: Run vagrant up with detailed failure logging shell: | #!/bin/bash MAX_RETRIES=5 attempts=0 cd /tmp/wazuh-virtual-machines/ova/workflow_assets + echo "==========================================" + echo "Starting vagrant up attempts" + echo "Time: $(date)" + echo "==========================================" + while true; do ((attempts++)) - echo "Attempt $attempts at $(date)" + start_time=$(date +%s) + echo "" + echo "=== Attempt $attempts started at $(date) ===" - # Log to file sin saturar SSH + # Run vagrant up with logging if VAGRANT_LOG=info vagrant up > /tmp/vagrant_${attempts}.log 2>&1; then - echo "Success on attempt $attempts" + end_time=$(date +%s) + duration=$((end_time - start_time)) + + echo "✓ SUCCESS on attempt $attempts" + echo " Duration: ${duration} seconds" + echo " Completed at: $(date)" + + # Show success details + echo "" + echo "=== VM Status ===" + vagrant status + + echo "" + echo "=== VM Info ===" + vboxmanage showvminfo ova_base | grep -E "State:|Memory|CPUs|NIC" + break else - echo "Failed on attempt $attempts" + end_time=$(date +%s) + 
duration=$((end_time - start_time)) + + echo "✗ FAILED on attempt $attempts" + echo " Duration: ${duration} seconds" + echo " Failed at: $(date)" + + # Analyze failure + echo "" + echo "=== Failure Analysis ===" + + # Check for common error patterns + if grep -q "Timed out while waiting for the machine to boot" /tmp/vagrant_${attempts}.log; then + echo " Error: Boot timeout - VM didn't respond in time" + fi + + if grep -q "SSH authentication failed" /tmp/vagrant_${attempts}.log; then + echo " Error: SSH authentication issue" + fi + + if grep -q "The following SSH command responded with a non-zero exit status" /tmp/vagrant_${attempts}.log; then + echo " Error: SSH command execution failed" + fi + + # Show last lines of log + echo "" + echo "=== Last 25 lines of vagrant log ===" + tail -25 /tmp/vagrant_${attempts}.log + + # Check VM state + echo "" + echo "=== VirtualBox VM State ===" + if vboxmanage showvminfo ova_base >/dev/null 2>&1; then + vboxmanage showvminfo ova_base | grep "State:" + else + echo " VM does not exist" + fi + if [ $attempts -eq $MAX_RETRIES ]; then - echo "Max attempts reached" - echo "Last 30 lines of log:" - tail -30 /tmp/vagrant_${attempts}.log + echo "" + echo "==========================================" + echo "Max attempts ($MAX_RETRIES) reached" + echo "==========================================" + + # Create summary + echo "" + echo "=== Failure Summary ===" + for i in $(seq 1 $attempts); do + echo "Attempt $i:" + if [ -f /tmp/vagrant_${i}.log ]; then + log_size=$(wc -l < /tmp/vagrant_${i}.log) + echo " Log lines: $log_size" + + # Check for specific errors + if grep -q "Timed out" /tmp/vagrant_${i}.log; then + echo " Issue: Boot timeout" + elif grep -q "SSH" /tmp/vagrant_${i}.log && grep -q "auth\|fail" /tmp/vagrant_${i}.log; then + echo " Issue: SSH authentication" + else + echo " Issue: Unknown" + fi + fi + done + + echo "" + echo "All logs saved to: /tmp/vagrant_*.log" exit 1 fi - vagrant destroy -f + + # Cleanup and retry + echo "" + 
echo "=== Cleaning up for retry ===" + vagrant destroy -f 2>&1 | head -5 + + # Small delay before retry + echo "Waiting 5 seconds before retry..." + sleep 5 fi done + + echo "" + echo "==========================================" + echo "Vagrant up completed successfully" + echo "Total attempts needed: $attempts" + echo "==========================================" args: executable: /bin/bash - async: 3600 # 1 hora + async: 3600 # 1 hour poll: 0 register: vagrant_up_result become: true @@ -156,40 +275,21 @@ jid: "{{ vagrant_up_result.ansible_job_id }}" register: job_result until: job_result.finished - retries: 60 # 60 minutos + retries: 60 # 60 minutes delay: 60 - - name: Show vagrant up result + - name: Show vagrant up results debug: var: job_result.stdout_lines when: job_result.stdout_lines is defined - # ========================================== - # GUARDAR LOGS PARA ANÁLISIS (SOLO SI FALLA) - # ========================================== - - - name: Collect vagrant logs if failed - shell: | - if [ -f /tmp/vagrant_*.log ]; then - echo "=== Vagrant logs available ===" - ls -lh /tmp/vagrant_*.log - echo "" - echo "=== Last attempt log (last 50 lines) ===" - tail -50 /tmp/vagrant_*.log | tail -1 - fi - register: vagrant_logs + - name: Verify vagrant up succeeded + fail: + msg: "Vagrant up failed after all retries" when: job_result.rc != 0 - ignore_errors: yes - - - name: Show vagrant logs - debug: - var: vagrant_logs.stdout_lines - when: - - job_result.rc != 0 - - vagrant_logs.stdout_lines is defined # ========================================== - # CONTINUAR NORMAL SI VAGRANT UP FUNCIONÓ + # CONTINUAR CON CONFIGURACIÓN # ========================================== - name: Copy the Python script to the VM 
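Review bot: The "Increase Vagrant boot timeout" task patches the checked-out `Vagrantfile` with `sed -i` at build time, while this same commit also adds `config.vm.boot_timeout = 900` to `ova/workflow_assets/Vagrantfile`. The setting is therefore applied twice, and the file that actually configures the VM no longer matches what is committed. The `sed` append is also not idempotent: every run on a reused checkout inserts another copy after the `config.vm.hostname` line. Drop the task and keep the value in the committed Vagrantfile. If a per-run override is wanted, read it there, e.g. `config.vm.boot_timeout = Integer(ENV.fetch("VAGRANT_BOOT_TIMEOUT", "900"))`.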
@@ -226,26 +326,49 @@ # AÑADIR RED PRIVADA DESPUÉS DE HALT # ========================================== - - name: Add private network to VM + - name: Add private network to VM (two-step approach) shell: | - # Verificar/crear host-only interface + echo "=== Checking for host-only network ===" if ! vboxmanage list hostonlyifs | grep -q vboxnet0; then + echo "Creating host-only network interface..." vboxmanage hostonlyif create + else + echo "Host-only interface vboxnet0 already exists" fi - # Añadir NIC2 + echo "" + echo "=== Adding NIC2 to ova_base VM ===" vboxmanage modifyvm ova_base --nic2 hostonly + vboxmanage modifyvm ova_base --hostonlyadapter2 vboxnet0 vboxmanage modifyvm ova_base --cableconnected2 on - echo "Network configured" + echo "" + echo "=== Verifying network configuration ===" vboxmanage showvminfo ova_base | grep "NIC 2" + echo "" + echo "✓ Private network added successfully" + register: add_network_result + + - name: Show network addition results + debug: + var: add_network_result.stdout_lines + # ========================================== # EXPORT OVA # ========================================== - name: Export the VM to OVA - shell: "vboxmanage export ova_base --output /home/ec2-user/{{ filename_ova }}" + shell: | + echo "=== Starting OVA export ===" + echo "Timestamp: $(date)" + + vboxmanage export ova_base --output /home/ec2-user/{{ filename_ova }} + + echo "" + echo "=== Export completed ===" + echo "Timestamp: $(date)" + ls -lh /home/ec2-user/{{ filename_ova }} register: export_result async: 1800 poll: 0 
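Review bot: The rewritten "Add private network to VM (two-step approach)" script has no error handling. If `vboxmanage hostonlyif create` or any of the three `modifyvm` calls fails, the script still runs on to `echo "✓ Private network added successfully"` and the task exits 0 on that echo. The export task that follows would then package a VM whose second adapter may be missing. Start the script with `set -euo pipefail` and add `args:` / `executable: /bin/bash` to the task. The same applies to the multi-line "Export the VM to OVA" script in this hunk, whose exit status is currently that of the trailing `ls -lh`, not of `vboxmanage export`.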
@@ -261,4 +384,47 @@ - name: Change permissions to the OVA file file: path: /home/ec2-user/{{ filename_ova }} - mode: '0755' \ No newline at end of file + mode: '0755' + + # ========================================== + # FINAL VALIDATION AND SUMMARY + # ========================================== + + - name: Validate OVA and generate build summary + shell: | + echo "==========================================" + echo " OVA BUILD SUMMARY" + echo "==========================================" + echo "" + + echo "=== Build Information ===" + echo "OVA File: {{ filename_ova }}" + ls -lh /home/ec2-user/{{ filename_ova }} + + echo "" + echo "=== OVA Validation ===" + cd /tmp + tar -xOf /home/ec2-user/{{ filename_ova }} '*.ovf' > /tmp/final_check.ovf + + nic_count=$(grep -c "rasd:ResourceType>10<" /tmp/final_check.ovf || echo "0") + echo "Network adapters in OVA: $nic_count" + + if [ "$nic_count" -ge 2 ]; then + echo "✓ OVA contains required NICs (eth0 + eth1)" + else + echo "⚠ WARNING: OVA may be missing eth1" + fi + + echo "" + echo "=== Vagrant Logs Available ===" + ls -lh /tmp/vagrant_*.log 2>/dev/null || echo "No vagrant logs found" + + echo "" + echo "=== Build Completed ===" + echo "Timestamp: $(date)" + echo "==========================================" + register: final_summary + + - name: Show final summary + debug: + var: final_summary.stdout_lines \ No newline at end of file diff --git a/ova/workflow_assets/Vagrantfile b/ova/workflow_assets/Vagrantfile index fc0a6fc..6d8c603 100644 --- a/ova/workflow_assets/Vagrantfile +++ b/ova/workflow_assets/Vagrantfile @@ -15,6 +15,7 @@ Vagrant.configure("2") do |config| # using a specific IP. #config.vm.network "private_network", ip: "192.168.56.22", interface: "2" config.vm.hostname = "wazuh-server" + config.vm.boot_timeout = 900 # Example for VirtualBox: # From 574efc81802d80b7cdb4784dbbb86ad7c880ef1a Mon Sep 17 00:00:00 2001 
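Review bot: The check in `Validate OVA and generate build summary` cannot give a reliable answer as written. GNU tar matches member names literally on extraction unless `--wildcards` is passed, so `tar -xOf … '*.ovf'` is likely to extract nothing. In addition, `grep -c … || echo "0"` produces two lines when there is no match, because `grep -c` already prints `0` before exiting 1, and `[ "$nic_count" -ge 2 ]` then errors out. Use `tar --wildcards -xOf …` and `nic_count=$(grep -c "rasd:ResourceType>10<" /tmp/final_check.ovf || true)`, and preferably write the descriptor to a `mktemp` file instead of the fixed `/tmp/final_check.ovf`. If a missing second NIC should block the release, the else branch needs `exit 1`; at present it only prints a warning.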
From: fcaffieri Date: Thu, 16 Oct 2025 10:25:54 -0300 Subject: [PATCH 08/18] Add som fix and configurations for guest additions --- ova/workflow_assets/Vagrantfile | 12 +++++++++++- ova/workflow_assets/setup.sh | 9 ++++++++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/ova/workflow_assets/Vagrantfile b/ova/workflow_assets/Vagrantfile index 6d8c603..820d25f 100644 --- a/ova/workflow_assets/Vagrantfile +++ b/ova/workflow_assets/Vagrantfile @@ -15,7 +15,12 @@ Vagrant.configure("2") do |config| # using a specific IP. #config.vm.network "private_network", ip: "192.168.56.22", interface: "2" config.vm.hostname = "wazuh-server" - config.vm.boot_timeout = 900 + config.vm.boot_timeout = 420 + + # SSH configuration for reliability + config.ssh.connect_timeout = 300 # 5 minutes to establish connection + config.ssh.max_tries = 40 # 40 connection attempts + config.ssh.retry_delay = 5 # 5 seconds between retries # Example for VirtualBox: # @@ -25,6 +30,11 @@ Vagrant.configure("2") do |config| vb.cpus = 4 vb.customize ["setextradata", :id, "VBoxInternal/Devices/VMMDev/0/Config/GetHostTimeDisabled", 1] vb.name = "ova_base" + + # Additional reliability settings + # Disable UART to reduce potential boot issues + vb.customize ["modifyvm", :id, "--uart1", "0x3F8", "4"] + vb.customize ["modifyvm", :id, "--uartmode1", "disconnected"] end # end diff --git a/ova/workflow_assets/setup.sh b/ova/workflow_assets/setup.sh index 91fb32a..28fc8c4 100755 --- a/ova/workflow_assets/setup.sh +++ b/ova/workflow_assets/setup.sh @@ -38,7 +38,7 @@ install_dependencies() { # Install the VirtualBox guest additions install_guest_additions() { yum -y install gcc elfutils-libelf-devel kernel-devel libX11 libXt libXext libXmu - + dnf remove $(dnf repoquery --installonly --latest-limit=-1) KERNEL_VERSION=$(ls /lib/modules) 
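Review bot: The comment `# Disable UART to reduce potential boot issues` does not match the two `vb.customize` lines under it: `--uart1 0x3F8 4` configures serial port 1 at the COM1 address, and `--uartmode1 disconnected` leaves it enabled with nothing attached. If the intent is the usual workaround of giving the guest a disconnected serial port, reword the comment to `# Enable UART1 in disconnected mode so the guest does not stall on a missing serial console`. If the intent really is to remove the device, use `vb.customize ["modifyvm", :id, "--uart1", "off"]`. This VM is later exported as the OVA, so the device state chosen here presumably ships in the appliance and the comment should describe it accurately. The `config.vm.provider` block starts outside the hunk.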
@@ -53,6 +53,13 @@ install_guest_additions() { # Run VBox guest additions setup for the Amazon provided kernel /etc/kernel/postinst.d/vboxadd ${KERNEL_VERSION} /sbin/depmod ${KERNEL_VERSION} + + if ! lsmod | grep -q vboxguest; then + echo "ERROR: VirtualBox Guest Additions not loaded" + exit 1 + fi + + echo "✓ Guest Additions verified" } # Enable SSH password authentication From ad3f6cf0525ea413d2478504d89deccac482508d Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 16 Oct 2025 10:41:38 -0300 Subject: [PATCH 09/18] Add to setup.sh to load guest aditions --- ova/workflow_assets/setup.sh | 46 ++++++++++++++++++++++++++++++++---- 1 file changed, 42 insertions(+), 4 deletions(-) diff --git a/ova/workflow_assets/setup.sh b/ova/workflow_assets/setup.sh index 28fc8c4..4455675 100755 --- a/ova/workflow_assets/setup.sh +++ b/ova/workflow_assets/setup.sh 
@@ -54,14 +54,52 @@ install_guest_additions() { /etc/kernel/postinst.d/vboxadd ${KERNEL_VERSION} /sbin/depmod ${KERNEL_VERSION} - if ! lsmod | grep -q vboxguest; then - echo "ERROR: VirtualBox Guest Additions not loaded" - exit 1 + # ========================================== + # NUEVO: Intentar cargar módulos explícitamente + # ========================================== + + echo "Attempting to load VirtualBox kernel modules..." + + # Cargar módulos manualmente + /sbin/modprobe vboxguest 2>/dev/null || echo "⚠ vboxguest not loaded yet (will load on boot)" + /sbin/modprobe vboxsf 2>/dev/null || echo "⚠ vboxsf not loaded yet (will load on boot)" + /sbin/modprobe vboxvideo 2>/dev/null || echo "⚠ vboxvideo not loaded yet (will load on boot)" + + # Verificar si se cargaron + if lsmod | grep -q vboxguest; then + echo "✓ Guest Additions modules loaded successfully" + else + echo "⚠ Guest Additions modules not loaded in current session" + echo " This is normal when building in chroot environment" + echo " Modules will load on next boot" + + # Verificar que los archivos del módulo existen + if [ -f "/lib/modules/${KERNEL_VERSION}/misc/vboxguest.ko" ]; then + echo "✓ vboxguest.ko exists in /lib/modules/${KERNEL_VERSION}/misc/" + else + echo "✗ ERROR: vboxguest.ko not found!" + exit 1 + fi + + # Verificar que vboxadd service existe + if [ -f "/etc/init.d/vboxadd" ] || [ -f "/usr/lib/systemd/system/vboxadd.service" ]; then + echo "✓ VBoxAdd service files exist" + else + echo "✗ ERROR: VBoxAdd service not installed!" 
+ exit 1 + fi fi - echo "✓ Guest Additions verified" + # Asegurar que el servicio se ejecuta en el boot + if [ -f "/usr/lib/systemd/system/vboxadd.service" ]; then + systemctl enable vboxadd.service 2>/dev/null || true + systemctl enable vboxadd-service.service 2>/dev/null || true + fi + + echo "✓ Guest Additions installation validated" } + # Enable SSH password authentication configure_ssh() { sed -i 's/^#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config From efa9f543ba100aba9cfa095474616612f4393a53 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 16 Oct 2025 11:14:00 -0300 Subject: [PATCH 10/18] Add mor loggin about guest additions --- .../ansible_playbooks/ova_generator.yaml | 327 ++++++++++++------ ova/workflow_assets/Vagrantfile | 5 +- ova/workflow_assets/setup.sh | 2 - 3 files changed, 223 insertions(+), 111 deletions(-) diff --git a/.github/workflows/ansible_playbooks/ova_generator.yaml b/.github/workflows/ansible_playbooks/ova_generator.yaml index d500a44..f43e2a4 100644 --- a/.github/workflows/ansible_playbooks/ova_generator.yaml +++ b/.github/workflows/ansible_playbooks/ova_generator.yaml 
@@ -97,6 +97,64 @@ retries: 30 delay: 60 + # ========================================== + # NUEVO: MOSTRAR LOGS COMPLETOS DE GENERATE_BASE_BOX + # ========================================== + + - name: Show generate_base_box.sh stdout (full output) + debug: + var: job_result.stdout_lines + when: job_result.stdout_lines is defined + + - name: Show generate_base_box.sh stderr (errors/warnings) + debug: + var: job_result.stderr_lines + when: job_result.stderr_lines is defined + + - name: Search for Guest Additions messages in output + shell: | + echo "=== Searching for Guest Additions related messages ===" + echo "" + + # Buscar en stdout + if [ -f "/root/.ansible_async/{{ job_result.ansible_job_id }}" ]; then + echo "=== Guest Additions installation messages ===" + grep -i "guest additions\|vboxguest\|vboxadd\|vboxservice" "/root/.ansible_async/{{ job_result.ansible_job_id }}" || echo "No Guest Additions messages found in async output" + + echo "" + echo "=== Module verification messages ===" + grep -i "module.*load\|modprobe\|\.ko exists" "/root/.ansible_async/{{ job_result.ansible_job_id }}" || echo "No module messages found" + + echo "" + echo "=== Validation messages ===" + grep -i "validated\|✓\|✗\|ERROR:" "/root/.ansible_async/{{ job_result.ansible_job_id }}" || echo "No validation messages found" + else + echo "Async results file not found" + fi + register: guest_additions_search + ignore_errors: yes + + - name: Show Guest Additions search results + debug: + var: guest_additions_search.stdout_lines + when: guest_additions_search.stdout_lines is defined + + - name: Verify base box was created successfully + shell: | + cd /tmp/wazuh-virtual-machines/ova/workflow_assets + + echo "=== Base box file ===" + ls -lh al2023.box + + echo "" + echo "=== Box file size ===" + du -h al2023.box + register: box_verification + + - name: Show box verification + debug: + var: box_verification.stdout_lines + - name: Add the created box shell: "vagrant box add --name al2023 
/tmp/wazuh-virtual-machines/ova/workflow_assets/al2023.box" @@ -114,33 +172,38 @@ executable: /bin/bash become: true - # ========================================== - # AUMENTAR BOOT TIMEOUT EN VAGRANTFILE - # ========================================== - - - name: Increase Vagrant boot timeout + - name: Verify Vagrantfile configuration shell: | cd /tmp/wazuh-virtual-machines/ova/workflow_assets - # Backup original - cp Vagrantfile Vagrantfile.original + echo "=== Current Vagrantfile Configuration ===" + echo "" - # Add boot_timeout configuration - sed -i '/config.vm.hostname = "wazuh-server"/a \ \n # Increase boot timeout for reliability\n config.vm.boot_timeout = 900 # 15 minutes' Vagrantfile + echo "Boot timeout setting:" + grep -n "boot_timeout" Vagrantfile || echo " No boot_timeout found (will use default 300s)" - echo "=== Modified Vagrantfile ===" - cat Vagrantfile - register: vagrantfile_mod + echo "" + echo "SSH configuration:" + grep -n "ssh\." Vagrantfile | head -10 - - name: Show Vagrantfile modification + echo "" + echo "Network configuration:" + grep -n "vm.network" Vagrantfile || echo " Private network is commented (as expected)" + + echo "" + echo "Provider settings:" + grep -n -A8 "vm.provider" Vagrantfile + register: vagrantfile_check + + - name: Show Vagrantfile configuration debug: - var: vagrantfile_mod.stdout_lines + var: vagrantfile_check.stdout_lines # ========================================== - # VAGRANT UP CON LOGGING MEJORADO + # VAGRANT UP CON DIAGNÓSTICO DETALLADO # ========================================== - - name: Run vagrant up with detailed failure logging + - name: Run vagrant up with detailed diagnostics shell: | #!/bin/bash MAX_RETRIES=5 
@@ -148,24 +211,25 @@ cd /tmp/wazuh-virtual-machines/ova/workflow_assets echo "==========================================" - echo "Starting vagrant up attempts" - echo "Time: $(date)" + echo "Vagrant Up - Diagnostic Mode" + echo "Started: $(date)" echo "==========================================" while true; do ((attempts++)) start_time=$(date +%s) + echo "" echo "=== Attempt $attempts started at $(date) ===" - # Run vagrant up with logging + # Run vagrant up with detailed logging if VAGRANT_LOG=info vagrant up > /tmp/vagrant_${attempts}.log 2>&1; then end_time=$(date +%s) duration=$((end_time - start_time)) echo "✓ SUCCESS on attempt $attempts" - echo " Duration: ${duration} seconds" - echo " Completed at: $(date)" + echo " Duration: ${duration} seconds ($(($duration / 60)) min $(($duration % 60)) sec)" + echo " Completed: $(date)" # Show success details echo "" @@ -173,8 +237,8 @@ vagrant status echo "" - echo "=== VM Info ===" - vboxmanage showvminfo ova_base | grep -E "State:|Memory|CPUs|NIC" + echo "=== Log size ===" + ls -lh /tmp/vagrant_${attempts}.log break else 
@@ -182,36 +246,55 @@ duration=$((end_time - start_time)) echo "✗ FAILED on attempt $attempts" - echo " Duration: ${duration} seconds" - echo " Failed at: $(date)" + echo " Duration: ${duration} seconds ($(($duration / 60)) min $(($duration % 60)) sec)" + echo " Failed: $(date)" + echo " Log size: $(ls -lh /tmp/vagrant_${attempts}.log | awk '{print $5}')" - # Analyze failure + # Detailed failure analysis echo "" echo "=== Failure Analysis ===" - # Check for common error patterns + # Check for Vagrantfile errors + if grep -q "shouldn't exist" /tmp/vagrant_${attempts}.log; then + echo " ⚠ Vagrantfile configuration error detected" + grep "shouldn't exist\|deprecated\|invalid" /tmp/vagrant_${attempts}.log | head -5 + fi + + # Check for specific error patterns if grep -q "Timed out while waiting for the machine to boot" /tmp/vagrant_${attempts}.log; then - echo " Error: Boot timeout - VM didn't respond in time" + echo " ⚠ Boot timeout detected" + + # Find when timeout occurred + echo "" + echo " Timeline of boot attempt:" + grep -n "Waiting for machine to boot\|Checking if box\|SSH address:\|Timed out" /tmp/vagrant_${attempts}.log | head -10 fi if grep -q "SSH authentication failed" /tmp/vagrant_${attempts}.log; then - echo " Error: SSH authentication issue" + echo " ⚠ SSH authentication issue" fi - if grep -q "The following SSH command responded with a non-zero exit status" /tmp/vagrant_${attempts}.log; then - echo " Error: SSH command execution failed" + if grep -q "Guest Additions" /tmp/vagrant_${attempts}.log; then + echo " ℹ Guest Additions messages found" + grep -n "Guest Additions" /tmp/vagrant_${attempts}.log | head -3 fi - # Show last lines of log + # Check for VirtualBox errors + if grep -q "VBoxManage\|VERR_\|NS_ERROR" /tmp/vagrant_${attempts}.log; then + echo " ⚠ VirtualBox errors detected" + grep -n "VBoxManage\|VERR_\|NS_ERROR" /tmp/vagrant_${attempts}.log | head -5 + fi + + # Show last significant lines before timeout echo "" - echo "=== Last 25 lines of 
vagrant log ===" - tail -25 /tmp/vagrant_${attempts}.log + echo "=== Last 30 lines before failure ===" + tail -30 /tmp/vagrant_${attempts}.log - # Check VM state + # Check VM state in VirtualBox echo "" echo "=== VirtualBox VM State ===" if vboxmanage showvminfo ova_base >/dev/null 2>&1; then - vboxmanage showvminfo ova_base | grep "State:" + vboxmanage showvminfo ova_base | grep -E "State:|Session" else echo " VM does not exist" fi 
@@ -219,40 +302,44 @@ if [ $attempts -eq $MAX_RETRIES ]; then echo "" echo "==========================================" - echo "Max attempts ($MAX_RETRIES) reached" + echo "Max attempts reached ($MAX_RETRIES)" echo "==========================================" - # Create summary + # Generate failure summary echo "" echo "=== Failure Summary ===" for i in $(seq 1 $attempts); do - echo "Attempt $i:" if [ -f /tmp/vagrant_${i}.log ]; then - log_size=$(wc -l < /tmp/vagrant_${i}.log) - echo " Log lines: $log_size" + size=$(ls -lh /tmp/vagrant_${i}.log | awk '{print $5}') + lines=$(wc -l < /tmp/vagrant_${i}.log) - # Check for specific errors - if grep -q "Timed out" /tmp/vagrant_${i}.log; then + echo "" + echo "Attempt $i:" + echo " Log size: $size ($lines lines)" + + if grep -q "shouldn't exist" /tmp/vagrant_${i}.log; then + echo " Issue: Vagrantfile configuration error" + grep "shouldn't exist" /tmp/vagrant_${i}.log | head -2 + elif grep -q "Timed out" /tmp/vagrant_${i}.log; then echo " Issue: Boot timeout" - elif grep -q "SSH" /tmp/vagrant_${i}.log && grep -q "auth\|fail" /tmp/vagrant_${i}.log; then - echo " Issue: SSH authentication" + elif grep -q "SSH" /tmp/vagrant_${i}.log && grep -q -i "fail\|refuse" /tmp/vagrant_${i}.log; then + echo " Issue: SSH connection/authentication" else - echo " Issue: Unknown" + echo " Issue: Unknown - check log file" fi fi done echo "" - echo "All logs saved to: /tmp/vagrant_*.log" + echo "All logs available at: /tmp/vagrant_*.log" exit 1 fi - # Cleanup and retry + # Cleanup and prepare for retry echo "" echo "=== Cleaning up for retry ===" vagrant destroy -f 2>&1 | head -5 - # Small delay before retry echo "Waiting 5 seconds before retry..." sleep 5 fi 
@@ -260,8 +347,9 @@ echo "" echo "==========================================" - echo "Vagrant up completed successfully" - echo "Total attempts needed: $attempts" + echo "SUCCESS - Vagrant up completed" + echo "Total attempts: $attempts" + echo "Completed: $(date)" echo "==========================================" args: executable: /bin/bash 
@@ -275,21 +363,56 @@ jid: "{{ vagrant_up_result.ansible_job_id }}" register: job_result until: job_result.finished - retries: 60 # 60 minutes + retries: 60 delay: 60 - name: Show vagrant up results debug: var: job_result.stdout_lines - when: job_result.stdout_lines is defined - - - name: Verify vagrant up succeeded - fail: - msg: "Vagrant up failed after all retries" - when: job_result.rc != 0 # ========================================== - # CONTINUAR CON CONFIGURACIÓN + # VERIFICAR GUEST ADDITIONS EN VM CORRIENDO + # ========================================== + + - name: Check Guest Additions in running VM + shell: | + cd /tmp/wazuh-virtual-machines/ova/workflow_assets + + echo "=== Checking Guest Additions in running VM ===" + echo "" + + echo "Kernel modules loaded:" + vagrant ssh -c "lsmod | grep vbox" || echo "⚠ No VirtualBox modules loaded" + + echo "" + echo "VBoxControl version:" + vagrant ssh -c "VBoxControl --version" || echo "⚠ VBoxControl not available" + + echo "" + echo "VBoxAdd service status:" + vagrant ssh -c "systemctl status vboxadd.service --no-pager" || echo "⚠ vboxadd service not running" + + echo "" + echo "VBoxAdd-service status:" + vagrant ssh -c "systemctl status vboxadd-service.service --no-pager" || echo "⚠ vboxadd-service not running" + + echo "" + echo "VM Boot messages (VirtualBox related):" + vagrant ssh -c "dmesg | grep -i 'vbox\|guest'" | tail -20 || echo "No VirtualBox messages in dmesg" + + echo "" + echo "Check if module files exist:" + vagrant ssh -c "ls -lh /lib/modules/\$(uname -r)/misc/vbox*.ko" || echo "⚠ Module files not found" + register: guest_additions_check + when: job_result.rc == 0 + + - name: Show Guest Additions check results + debug: + var: guest_additions_check.stdout_lines + when: guest_additions_check.stdout_lines is defined + + # ========================================== + # CONTINUAR CON RESTO DEL BUILD # ========================================== - name: Copy the Python script to the VM 
@@ -322,13 +445,9 @@ args: chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" - # ========================================== - # AÑADIR RED PRIVADA DESPUÉS DE HALT - # ========================================== - - - name: Add private network to VM (two-step approach) + - name: Add private network to VM shell: | - echo "=== Checking for host-only network ===" + echo "=== Adding host-only network ===" if ! vboxmanage list hostonlyifs | grep -q vboxnet0; then echo "Creating host-only network interface..." vboxmanage hostonlyif create @@ -337,38 +456,25 @@ fi echo "" - echo "=== Adding NIC2 to ova_base VM ===" + echo "=== Configuring NIC2 ===" vboxmanage modifyvm ova_base --nic2 hostonly vboxmanage modifyvm ova_base --hostonlyadapter2 vboxnet0 vboxmanage modifyvm ova_base --cableconnected2 on echo "" - echo "=== Verifying network configuration ===" + echo "=== Verifying configuration ===" vboxmanage showvminfo ova_base | grep "NIC 2" echo "" - echo "✓ Private network added successfully" - register: add_network_result + echo "✓ Private network configured" + register: network_config - - name: Show network addition results + - name: Show network configuration debug: - var: add_network_result.stdout_lines - - # ========================================== - # EXPORT OVA - # ========================================== + var: network_config.stdout_lines - name: Export the VM to OVA - shell: | - echo "=== Starting OVA export ===" - echo "Timestamp: $(date)" - - vboxmanage export ova_base --output /home/ec2-user/{{ filename_ova }} - - echo "" - echo "=== Export completed ===" - echo "Timestamp: $(date)" - ls -lh /home/ec2-user/{{ filename_ova }} + shell: "vboxmanage export ova_base --output /home/ec2-user/{{ filename_ova }}" register: export_result async: 1800 poll: 0 
@@ -387,44 +493,53 @@ mode: '0755' # ========================================== - # FINAL VALIDATION AND SUMMARY + # RESUMEN FINAL # ========================================== - - name: Validate OVA and generate build summary + - name: Generate build summary shell: | echo "==========================================" - echo " OVA BUILD SUMMARY" + echo " BUILD SUMMARY" echo "==========================================" echo "" echo "=== Build Information ===" - echo "OVA File: {{ filename_ova }}" + echo "OVA: {{ filename_ova }}" ls -lh /home/ec2-user/{{ filename_ova }} + echo "Completed: $(date)" echo "" - echo "=== OVA Validation ===" - cd /tmp - tar -xOf /home/ec2-user/{{ filename_ova }} '*.ovf' > /tmp/final_check.ovf + echo "=== Vagrant Attempts ===" + vagrant_logs=$(ls -1 /tmp/vagrant_*.log 2>/dev/null | wc -l) + echo "Total attempts: $vagrant_logs" - nic_count=$(grep -c "rasd:ResourceType>10<" /tmp/final_check.ovf || echo "0") - echo "Network adapters in OVA: $nic_count" - - if [ "$nic_count" -ge 2 ]; then - echo "✓ OVA contains required NICs (eth0 + eth1)" - else - echo "⚠ WARNING: OVA may be missing eth1" + if [ $vagrant_logs -gt 0 ]; then + echo "" + echo "Attempt details:" + for log in /tmp/vagrant_*.log; do + attempt=$(basename $log | sed 's/vagrant_\(.*\)\.log/\1/') + size=$(ls -lh $log | awk '{print $5}') + lines=$(wc -l < $log) + echo " Attempt $attempt: $size ($lines lines)" + done fi echo "" - echo "=== Vagrant Logs Available ===" - ls -lh /tmp/vagrant_*.log 2>/dev/null || echo "No vagrant logs found" + echo "=== Key Findings ===" + if [ -f /tmp/vagrant_1.log ]; then + if grep -q "shouldn't exist" /tmp/vagrant_1.log; then + echo "⚠ Vagrantfile had configuration errors (fixed in later attempts)" + fi + + if grep -q "Guest Additions" /tmp/vagrant_1.log; then + echo "ℹ Guest Additions activity detected in logs" + fi + fi echo "" - echo "=== Build Completed ===" - echo "Timestamp: $(date)" echo "==========================================" - register: 
final_summary + register: build_summary - - name: Show final summary + - name: Show build summary debug: - var: final_summary.stdout_lines \ No newline at end of file + var: build_summary.stdout_lines \ No newline at end of file diff --git a/ova/workflow_assets/Vagrantfile b/ova/workflow_assets/Vagrantfile index 820d25f..01c8bda 100644 --- a/ova/workflow_assets/Vagrantfile +++ b/ova/workflow_assets/Vagrantfile @@ -18,9 +18,8 @@ Vagrant.configure("2") do |config| config.vm.boot_timeout = 420 # SSH configuration for reliability - config.ssh.connect_timeout = 300 # 5 minutes to establish connection - config.ssh.max_tries = 40 # 40 connection attempts - config.ssh.retry_delay = 5 # 5 seconds between retries + config.ssh.connect_timeout = 180 # Seconds to wait for SSH connection (default: 60) + config.ssh.timeout = 300 # Seconds before timing out a single SSH command (default: 300) # Example for VirtualBox: # diff --git a/ova/workflow_assets/setup.sh b/ova/workflow_assets/setup.sh index 4455675..d16bcfe 100755 --- a/ova/workflow_assets/setup.sh +++ b/ova/workflow_assets/setup.sh @@ -60,12 +60,10 @@ install_guest_additions() { echo "Attempting to load VirtualBox kernel modules..." - # Cargar módulos manualmente /sbin/modprobe vboxguest 2>/dev/null || echo "⚠ vboxguest not loaded yet (will load on boot)" /sbin/modprobe vboxsf 2>/dev/null || echo "⚠ vboxsf not loaded yet (will load on boot)" /sbin/modprobe vboxvideo 2>/dev/null || echo "⚠ vboxvideo not loaded yet (will load on boot)" - # Verificar si se cargaron if lsmod | grep -q vboxguest; then echo "✓ Guest Additions modules loaded successfully" else From 2d2701ea7d67eb49838523345721f59ed5d168ae Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 16 Oct 2025 12:26:00 -0300 Subject: [PATCH 11/18] Remove wrong configurations added to Vagrantfile --- ova/workflow_assets/Vagrantfile | 1 - 1 file changed, 1 deletion(-) 
diff --git a/ova/workflow_assets/Vagrantfile b/ova/workflow_assets/Vagrantfile index 01c8bda..e2c44cb 100644 --- a/ova/workflow_assets/Vagrantfile +++ b/ova/workflow_assets/Vagrantfile @@ -19,7 +19,6 @@ Vagrant.configure("2") do |config| # SSH configuration for reliability config.ssh.connect_timeout = 180 # Seconds to wait for SSH connection (default: 60) - config.ssh.timeout = 300 # Seconds before timing out a single SSH command (default: 300) # Example for VirtualBox: # From bd3112cb056ce77f7dbbd492118f4881b9faf4f3 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 16 Oct 2025 14:00:44 -0300 Subject: [PATCH 12/18] Add validations of guest additions and user for ssh connections --- ova/workflow_assets/setup.sh | 65 +++++++++++++++++++++++++++--------- 1 file changed, 50 insertions(+), 15 deletions(-) diff --git a/ova/workflow_assets/setup.sh b/ova/workflow_assets/setup.sh index d16bcfe..15f3cee 100755 --- a/ova/workflow_assets/setup.sh +++ b/ova/workflow_assets/setup.sh @@ -28,6 +28,21 @@ setup_user() { echo 'wazuh-user ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wazuh-user chmod 440 /etc/sudoers.d/wazuh-user + + # ========================================== + # NUEVO: VALIDAR QUE EL USUARIO SE CREÓ + # ========================================== + if ! id wazuh-user >/dev/null 2>&1; then + echo "✗ ERROR: wazuh-user was not created!" + exit 1 + fi + + if [ ! -f /home/wazuh-user/.ssh/authorized_keys ]; then + echo "✗ ERROR: SSH authorized_keys not created!" + exit 1 + fi + + echo "✓ wazuh-user configured successfully" } # Install legacy network-scripts required by Vagrant and git required to generate the OVA 
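Review bot: The validation added to `setup_user` only checks that `wazuh-user` and `/home/wazuh-user/.ssh/authorized_keys` exist, which does not show that key login or sudo will actually work. sshd's default `StrictModes` ignores an `authorized_keys` file with the wrong owner or loose permissions, and a malformed file under `/etc/sudoers.d` can break sudo. Add `visudo -cf /etc/sudoers.d/wazuh-user || exit 1` and an owner/mode check such as `[ "$(stat -c '%U %a' /home/wazuh-user/.ssh/authorized_keys)" = "wazuh-user 600" ] || exit 1`, adjusting the expected mode to whatever the function sets, since that part is outside the hunk. The context line also grants `NOPASSWD: ALL`; a comment stating whether that grant is meant to remain in the exported OVA would help reviewers.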
@@ -46,24 +61,19 @@ install_guest_additions() { wget -nv https://download.virtualbox.org/virtualbox/${VIRTUALBOX_VERSION}/VBoxGuestAdditions_${VIRTUALBOX_VERSION}.iso -O /root/VBoxGuestAdditions.iso mount -o ro,loop /root/VBoxGuestAdditions.iso /mnt - sh /mnt/VBoxLinuxAdditions.run || true # Allow script to proceed despite potential errors + sh /mnt/VBoxLinuxAdditions.run || true umount /mnt rm -f /root/VBoxGuestAdditions.iso - # Run VBox guest additions setup for the Amazon provided kernel /etc/kernel/postinst.d/vboxadd ${KERNEL_VERSION} /sbin/depmod ${KERNEL_VERSION} - # ========================================== - # NUEVO: Intentar cargar módulos explícitamente - # ========================================== - - echo "Attempting to load VirtualBox kernel modules..." - + # Intentar cargar módulos /sbin/modprobe vboxguest 2>/dev/null || echo "⚠ vboxguest not loaded yet (will load on boot)" /sbin/modprobe vboxsf 2>/dev/null || echo "⚠ vboxsf not loaded yet (will load on boot)" /sbin/modprobe vboxvideo 2>/dev/null || echo "⚠ vboxvideo not loaded yet (will load on boot)" + # Validación if lsmod | grep -q vboxguest; then echo "✓ Guest Additions modules loaded successfully" else @@ -71,7 +81,6 @@ install_guest_additions() { echo " This is normal when building in chroot environment" echo " Modules will load on next boot" - # Verificar que los archivos del módulo existen if [ -f "/lib/modules/${KERNEL_VERSION}/misc/vboxguest.ko" ]; then echo "✓ vboxguest.ko exists in /lib/modules/${KERNEL_VERSION}/misc/" else @@ -79,7 +88,6 @@ install_guest_additions() { exit 1 fi - # Verificar que vboxadd service existe if [ -f "/etc/init.d/vboxadd" ] || [ -f "/usr/lib/systemd/system/vboxadd.service" ]; then echo "✓ VBoxAdd service files exist" else 
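Review bot: `install_guest_additions` downloads `VBoxGuestAdditions_${VIRTUALBOX_VERSION}.iso` with `wget` and runs `VBoxLinuxAdditions.run` from it with no integrity check, and this hunk keeps that while also dropping the comment that explained `|| true`. The result is baked into the distributed OVA, so compare the ISO against a digest pinned in the repository before mounting it, e.g. `echo "${VBOX_GA_SHA256}  /root/VBoxGuestAdditions.iso" | sha256sum -c - || exit 1` (`VBOX_GA_SHA256` is a placeholder for the value published for that version). Keep a comment on `|| true` saying which installer failures are expected and that the later module checks are what actually gate the build. The function body starts and ends outside the hunk.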
@@ -88,15 +96,42 @@ install_guest_additions() { fi fi - # Asegurar que el servicio se ejecuta en el boot + # ========================================== + # NUEVO: FORZAR HABILITACIÓN DE SERVICIOS + # ========================================== + + # Habilitar servicios de Guest Additions if [ -f "/usr/lib/systemd/system/vboxadd.service" ]; then - systemctl enable vboxadd.service 2>/dev/null || true - systemctl enable vboxadd-service.service 2>/dev/null || true + # Crear enlaces simbólicos manualmente para asegurar que se ejecuten + mkdir -p /etc/systemd/system/multi-user.target.wants + ln -sf /usr/lib/systemd/system/vboxadd.service /etc/systemd/system/multi-user.target.wants/vboxadd.service + ln -sf /usr/lib/systemd/system/vboxadd-service.service /etc/systemd/system/multi-user.target.wants/vboxadd-service.service + echo "✓ VBoxAdd services enabled via symlinks" fi - echo "✓ Guest Additions installation validated" -} + # CRÍTICO: Asegurar que vboxadd.sh se ejecute en el boot + # Añadir a rc.local como fallback + if [ ! -f /etc/rc.d/rc.local ]; then + touch /etc/rc.d/rc.local + chmod +x /etc/rc.d/rc.local + fi + # Añadir comando para cargar módulos al inicio + cat >> /etc/rc.d/rc.local << 'EOF' +# VirtualBox Guest Additions - ensure modules are loaded +if [ -f /etc/init.d/vboxadd ]; then + /etc/init.d/vboxadd start || true +fi +EOF + chmod +x /etc/rc.d/rc.local + + # Habilitar rc-local.service + if [ -f /usr/lib/systemd/system/rc-local.service ]; then + ln -sf /usr/lib/systemd/system/rc-local.service /etc/systemd/system/multi-user.target.wants/rc-local.service + fi + + echo "✓ Guest Additions installation validated and boot scripts configured" +} # Enable SSH password authentication configure_ssh() { From ff84727442776f1c2080bee8a24005c26fd76e65 Mon Sep 17 00:00:00 2001 
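Review bot: The boot-persistence block added to `install_guest_additions` has two gaps. The `if` tests only `/usr/lib/systemd/system/vboxadd.service` but also links `vboxadd-service.service`, leaving a dangling symlink when that unit is absent, and hand-made `multi-user.target.wants` links bypass each unit's `[Install]` section; `systemctl enable vboxadd.service vboxadd-service.service` without `2>/dev/null || true` would surface the real error instead. The `cat >> /etc/rc.d/rc.local` heredoc appends another copy on every run; guard it with `grep -q 'VirtualBox Guest Additions' /etc/rc.d/rc.local ||`. The rc.local fallback also adds a root-run boot hook to the shipped appliance, so the comment should say why the systemd units alone are not sufficient.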
From: fcaffieri Date: Thu, 16 Oct 2025 16:39:43 -0300 Subject: [PATCH 13/18] Add show key for connect directly --- .github/workflows/builder_OVA.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/.github/workflows/builder_OVA.yaml b/.github/workflows/builder_OVA.yaml index ab3d531..f7a2110 100644 --- a/.github/workflows/builder_OVA.yaml +++ b/.github/workflows/builder_OVA.yaml @@ -162,12 +162,12 @@ jobs: source ${{ env.ALLOCATOR_PATH }}/inventory_vars.yml # Enmascarar las variables sensibles - echo "::add-mask::$ansible_host" - echo "::add-mask::$ansible_port" - echo "::add-mask::$ansible_user" - echo "::add-mask::$ansible_ssh_private_key_file" - echo "::add-mask::$ansible_ssh_common_args" - echo "::add-mask::$identifier" + + + + + + cat "${{ env.ALLOCATOR_PATH }}/inventory_vars.yml" >> $GITHUB_ENV - name: Generate inventory @@ -177,7 +177,10 @@ jobs: - name: Show inventory run: | - cat ${{ env.ALLOCATOR_PATH }}/inventory_ansible.ini + echo ${{ env.ansible_ssh_private_key_file }} + echo ${{ env.ansible_port }} + echo ${{ env.ansible_user }} + echo ${{ env.ansible_host }} - name: Install Python3 in the AWS instance run: | From d5dc2b692a9824787c5296bf15b10c59501de322 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 16 Oct 2025 16:43:50 -0300 Subject: [PATCH 14/18] Add show key for connect directly --- .github/workflows/builder_OVA.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/builder_OVA.yaml b/.github/workflows/builder_OVA.yaml index f7a2110..9441100 100644 --- a/.github/workflows/builder_OVA.yaml +++ b/.github/workflows/builder_OVA.yaml @@ -177,7 +177,7 @@ jobs: - name: Show inventory run: | - echo ${{ env.ansible_ssh_private_key_file }} + cat ${{ env.ansible_ssh_private_key_file }} echo ${{ env.ansible_port }} echo ${{ env.ansible_user }} echo ${{ env.ansible_host }} From e848a10ffc97ec2008926626ce3f1a3c9f2b3af5 Mon Sep 17 00:00:00 2001 
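Review bot: Deleting the six `::add-mask::` commands means the host, port, user, key path and identifier sourced from `inventory_vars.yml` are no longer redacted in the job log, and the rewritten `Show inventory` step in the next hunk then echoes four of them on purpose. Workflow logs can be read by anyone with access to the repository's Actions runs, so this publishes how to reach the build instance. Keep the masks, and if a maintainer needs the connection details for debugging, pass them out of band rather than through the log. The new `echo ${{ env.ansible_host }}` lines also paste the value into the script text before the shell runs; `echo "$ansible_host"` reads the same variable without that re-parsing.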
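Review bot: `cat ${{ env.ansible_ssh_private_key_file }}` writes the SSH private key for the build instance into the workflow log, and with the `::add-mask::` lines removed in the previous patch nothing redacts it. Once a run with this step has executed, that key should be treated as exposed: rotate or destroy the key pair and delete the affected run logs, regardless of any later revert (patch 15's diffstat lists this file, but its hunk is not visible here). Remove the line. If interactive access to the instance is needed during a build, use a short-lived key delivered through a secret store or a managed session channel instead of the log.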
From: fcaffieri Date: Thu, 16 Oct 2025 20:03:01 -0300 Subject: [PATCH 15/18] Fix setup ssh configuration posible problem, revert all diagnostic changes --- .../ansible_playbooks/ova_generator.yaml | 362 +----------------- .github/workflows/builder_OVA.yaml | 25 +- ova/workflow_assets/Vagrantfile | 12 +- ova/workflow_assets/setup.sh | 50 ++- 4 files changed, 47 insertions(+), 402 deletions(-) diff --git a/.github/workflows/ansible_playbooks/ova_generator.yaml b/.github/workflows/ansible_playbooks/ova_generator.yaml index f43e2a4..4606b71 100644 --- a/.github/workflows/ansible_playbooks/ova_generator.yaml +++ b/.github/workflows/ansible_playbooks/ova_generator.yaml 
@@ -97,64 +97,6 @@ retries: 30 delay: 60 - # ========================================== - # NUEVO: MOSTRAR LOGS COMPLETOS DE GENERATE_BASE_BOX - # ========================================== - - - name: Show generate_base_box.sh stdout (full output) - debug: - var: job_result.stdout_lines - when: job_result.stdout_lines is defined - - - name: Show generate_base_box.sh stderr (errors/warnings) - debug: - var: job_result.stderr_lines - when: job_result.stderr_lines is defined - - - name: Search for Guest Additions messages in output - shell: | - echo "=== Searching for Guest Additions related messages ===" - echo "" - - # Buscar en stdout - if [ -f "/root/.ansible_async/{{ job_result.ansible_job_id }}" ]; then - echo "=== Guest Additions installation messages ===" - grep -i "guest additions\|vboxguest\|vboxadd\|vboxservice" "/root/.ansible_async/{{ job_result.ansible_job_id }}" || echo "No Guest Additions messages found in async output" - - echo "" - echo "=== Module verification messages ===" - grep -i "module.*load\|modprobe\|\.ko exists" "/root/.ansible_async/{{ job_result.ansible_job_id }}" || echo "No module messages found" - - echo "" - echo "=== Validation messages ===" - grep -i "validated\|✓\|✗\|ERROR:" "/root/.ansible_async/{{ job_result.ansible_job_id }}" || echo "No validation messages found" - else - echo "Async results file not found" - fi - register: guest_additions_search - ignore_errors: yes - - - name: Show Guest Additions search results - debug: - var: guest_additions_search.stdout_lines - when: guest_additions_search.stdout_lines is defined - - - name: Verify base box was created successfully - shell: | - cd /tmp/wazuh-virtual-machines/ova/workflow_assets - - echo "=== Base box file ===" - ls -lh al2023.box - - echo "" - echo "=== Box file size ===" - du -h al2023.box - register: box_verification - - - name: Show box verification - debug: - var: box_verification.stdout_lines - - name: Add the created box shell: "vagrant box add --name al2023 
/tmp/wazuh-virtual-machines/ova/workflow_assets/al2023.box" 
@@ -170,190 +112,31 @@ fi args: executable: /bin/bash + register: vagrant_up_result become: true - - name: Verify Vagrantfile configuration - shell: | - cd /tmp/wazuh-virtual-machines/ova/workflow_assets - - echo "=== Current Vagrantfile Configuration ===" - echo "" - - echo "Boot timeout setting:" - grep -n "boot_timeout" Vagrantfile || echo " No boot_timeout found (will use default 300s)" - - echo "" - echo "SSH configuration:" - grep -n "ssh\." Vagrantfile | head -10 - - echo "" - echo "Network configuration:" - grep -n "vm.network" Vagrantfile || echo " Private network is commented (as expected)" - - echo "" - echo "Provider settings:" - grep -n -A8 "vm.provider" Vagrantfile - register: vagrantfile_check - - - name: Show Vagrantfile configuration - debug: - var: vagrantfile_check.stdout_lines - - # ========================================== - # VAGRANT UP CON DIAGNÓSTICO DETALLADO - # ========================================== - - - name: Run vagrant up with detailed diagnostics + - name: Run vagrant up shell: | #!/bin/bash - MAX_RETRIES=5 + MAX_RETRIES=10 attempts=0 cd /tmp/wazuh-virtual-machines/ova/workflow_assets - - echo "==========================================" - echo "Vagrant Up - Diagnostic Mode" - echo "Started: $(date)" - echo "==========================================" - while true; do ((attempts++)) - start_time=$(date +%s) - - echo "" - echo "=== Attempt $attempts started at $(date) ===" - - # Run vagrant up with detailed logging - if VAGRANT_LOG=info vagrant up > /tmp/vagrant_${attempts}.log 2>&1; then - end_time=$(date +%s) - duration=$((end_time - start_time)) - - echo "✓ SUCCESS on attempt $attempts" - echo " Duration: ${duration} seconds ($(($duration / 60)) min $(($duration % 60)) sec)" - echo " Completed: $(date)" - - # Show success details - echo "" - echo "=== VM Status ===" - vagrant status - - echo "" - echo "=== Log size ===" - ls -lh /tmp/vagrant_${attempts}.log - + echo "Attempt $attempts" + if vagrant up; then break else - 
end_time=$(date +%s) - duration=$((end_time - start_time)) - - echo "✗ FAILED on attempt $attempts" - echo " Duration: ${duration} seconds ($(($duration / 60)) min $(($duration % 60)) sec)" - echo " Failed: $(date)" - echo " Log size: $(ls -lh /tmp/vagrant_${attempts}.log | awk '{print $5}')" - - # Detailed failure analysis - echo "" - echo "=== Failure Analysis ===" - - # Check for Vagrantfile errors - if grep -q "shouldn't exist" /tmp/vagrant_${attempts}.log; then - echo " ⚠ Vagrantfile configuration error detected" - grep "shouldn't exist\|deprecated\|invalid" /tmp/vagrant_${attempts}.log | head -5 - fi - - # Check for specific error patterns - if grep -q "Timed out while waiting for the machine to boot" /tmp/vagrant_${attempts}.log; then - echo " ⚠ Boot timeout detected" - - # Find when timeout occurred - echo "" - echo " Timeline of boot attempt:" - grep -n "Waiting for machine to boot\|Checking if box\|SSH address:\|Timed out" /tmp/vagrant_${attempts}.log | head -10 - fi - - if grep -q "SSH authentication failed" /tmp/vagrant_${attempts}.log; then - echo " ⚠ SSH authentication issue" - fi - - if grep -q "Guest Additions" /tmp/vagrant_${attempts}.log; then - echo " ℹ Guest Additions messages found" - grep -n "Guest Additions" /tmp/vagrant_${attempts}.log | head -3 - fi - - # Check for VirtualBox errors - if grep -q "VBoxManage\|VERR_\|NS_ERROR" /tmp/vagrant_${attempts}.log; then - echo " ⚠ VirtualBox errors detected" - grep -n "VBoxManage\|VERR_\|NS_ERROR" /tmp/vagrant_${attempts}.log | head -5 - fi - - # Show last significant lines before timeout - echo "" - echo "=== Last 30 lines before failure ===" - tail -30 /tmp/vagrant_${attempts}.log - - # Check VM state in VirtualBox - echo "" - echo "=== VirtualBox VM State ===" - if vboxmanage showvminfo ova_base >/dev/null 2>&1; then - vboxmanage showvminfo ova_base | grep -E "State:|Session" - else - echo " VM does not exist" - fi - if [ $attempts -eq $MAX_RETRIES ]; then - echo "" - echo 
"==========================================" - echo "Max attempts reached ($MAX_RETRIES)" - echo "==========================================" - - # Generate failure summary - echo "" - echo "=== Failure Summary ===" - for i in $(seq 1 $attempts); do - if [ -f /tmp/vagrant_${i}.log ]; then - size=$(ls -lh /tmp/vagrant_${i}.log | awk '{print $5}') - lines=$(wc -l < /tmp/vagrant_${i}.log) - - echo "" - echo "Attempt $i:" - echo " Log size: $size ($lines lines)" - - if grep -q "shouldn't exist" /tmp/vagrant_${i}.log; then - echo " Issue: Vagrantfile configuration error" - grep "shouldn't exist" /tmp/vagrant_${i}.log | head -2 - elif grep -q "Timed out" /tmp/vagrant_${i}.log; then - echo " Issue: Boot timeout" - elif grep -q "SSH" /tmp/vagrant_${i}.log && grep -q -i "fail\|refuse" /tmp/vagrant_${i}.log; then - echo " Issue: SSH connection/authentication" - else - echo " Issue: Unknown - check log file" - fi - fi - done - - echo "" - echo "All logs available at: /tmp/vagrant_*.log" + echo "Max attempts reached" exit 1 fi - - # Cleanup and prepare for retry - echo "" - echo "=== Cleaning up for retry ===" - vagrant destroy -f 2>&1 | head -5 - - echo "Waiting 5 seconds before retry..." - sleep 5 + vagrant destroy -f fi done - - echo "" - echo "==========================================" - echo "SUCCESS - Vagrant up completed" - echo "Total attempts: $attempts" - echo "Completed: $(date)" - echo "==========================================" args: executable: /bin/bash - async: 3600 # 1 hour + async: 7200 poll: 0 register: vagrant_up_result become: true 
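Review bot: The added `register: vagrant_up_result` on the task just above `Run vagrant up` reuses the name that `Run vagrant up` registers a few lines later, so the first result is overwritten before anything visible here reads it. If that earlier result is not needed, drop the line; otherwise give it its own name, e.g. `register: vagrant_prepare_result` (name constructed for illustration). The retry loop also no longer keeps the output of failed attempts now that the per-attempt logs are gone; a comment such as `# output of failed attempts is not kept; rerun with VAGRANT_LOG=info to debug` would record that. The earlier task starts outside the hunk.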
@@ -363,57 +146,13 @@ jid: "{{ vagrant_up_result.ansible_job_id }}" register: job_result until: job_result.finished - retries: 60 + retries: 120 delay: 60 - - name: Show vagrant up results + - name: Show the result of the vagrant up command debug: - var: job_result.stdout_lines - - # ========================================== - # VERIFICAR GUEST ADDITIONS EN VM CORRIENDO - # ========================================== - - - name: Check Guest Additions in running VM - shell: | - cd /tmp/wazuh-virtual-machines/ova/workflow_assets - - echo "=== Checking Guest Additions in running VM ===" - echo "" - - echo "Kernel modules loaded:" - vagrant ssh -c "lsmod | grep vbox" || echo "⚠ No VirtualBox modules loaded" - - echo "" - echo "VBoxControl version:" - vagrant ssh -c "VBoxControl --version" || echo "⚠ VBoxControl not available" - - echo "" - echo "VBoxAdd service status:" - vagrant ssh -c "systemctl status vboxadd.service --no-pager" || echo "⚠ vboxadd service not running" - - echo "" - echo "VBoxAdd-service status:" - vagrant ssh -c "systemctl status vboxadd-service.service --no-pager" || echo "⚠ vboxadd-service not running" - - echo "" - echo "VM Boot messages (VirtualBox related):" - vagrant ssh -c "dmesg | grep -i 'vbox\|guest'" | tail -20 || echo "No VirtualBox messages in dmesg" - - echo "" - echo "Check if module files exist:" - vagrant ssh -c "ls -lh /lib/modules/\$(uname -r)/misc/vbox*.ko" || echo "⚠ Module files not found" - register: guest_additions_check - when: job_result.rc == 0 - - - name: Show Guest Additions check results - debug: - var: guest_additions_check.stdout_lines - when: guest_additions_check.stdout_lines is defined - - # ========================================== - # CONTINUAR CON RESTO DEL BUILD - # ========================================== + var: vagrant_up_result + verbosity: 2 - name: Copy the Python script to the VM shell: | 
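Review bot: The `debug` task prints `vagrant_up_result`, which is the record returned when the async job was launched with `poll: 0`, not the output of `vagrant up`; the finished job's output is in `job_result`, registered by the `async_status` task above. With `verbosity: 2` the task is also silent unless the playbook runs with `-vv`. To see what the build did, use `var: job_result.stdout_lines`, or add a comment saying the task only exists to show the job id. The `async_status` task starts above the hunk.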
@@ -445,34 +184,11 @@ args: chdir: "/tmp/wazuh-virtual-machines/ova/workflow_assets" - - name: Add private network to VM + - name: Configure VM network in VirtualBox shell: | - echo "=== Adding host-only network ===" - if ! vboxmanage list hostonlyifs | grep -q vboxnet0; then - echo "Creating host-only network interface..." - vboxmanage hostonlyif create - else - echo "Host-only interface vboxnet0 already exists" - fi - - echo "" - echo "=== Configuring NIC2 ===" vboxmanage modifyvm ova_base --nic2 hostonly - vboxmanage modifyvm ova_base --hostonlyadapter2 vboxnet0 vboxmanage modifyvm ova_base --cableconnected2 on - echo "" - echo "=== Verifying configuration ===" - vboxmanage showvminfo ova_base | grep "NIC 2" - - echo "" - echo "✓ Private network configured" - register: network_config - - - name: Show network configuration - debug: - var: network_config.stdout_lines - - name: Export the VM to OVA shell: "vboxmanage export ova_base --output /home/ec2-user/{{ filename_ova }}" register: export_result 
@@ -491,55 +207,3 @@ file: path: /home/ec2-user/{{ filename_ova }} mode: '0755' - - # ========================================== - # RESUMEN FINAL - # ========================================== - - - name: Generate build summary - shell: | - echo "==========================================" - echo " BUILD SUMMARY" - echo "==========================================" - echo "" - - echo "=== Build Information ===" - echo "OVA: {{ filename_ova }}" - ls -lh /home/ec2-user/{{ filename_ova }} - echo "Completed: $(date)" - - echo "" - echo "=== Vagrant Attempts ===" - vagrant_logs=$(ls -1 /tmp/vagrant_*.log 2>/dev/null | wc -l) - echo "Total attempts: $vagrant_logs" - - if [ $vagrant_logs -gt 0 ]; then - echo "" - echo "Attempt details:" - for log in /tmp/vagrant_*.log; do - attempt=$(basename $log | sed 's/vagrant_\(.*\)\.log/\1/') - size=$(ls -lh $log | awk '{print $5}') - lines=$(wc -l < $log) - echo " Attempt $attempt: $size ($lines lines)" - done - fi - - echo "" - echo "=== Key Findings ===" - if [ -f /tmp/vagrant_1.log ]; then - if grep -q "shouldn't exist" /tmp/vagrant_1.log; then - echo "⚠ Vagrantfile had configuration errors (fixed in later attempts)" - fi - - if grep -q "Guest Additions" /tmp/vagrant_1.log; then - echo "ℹ Guest Additions activity detected in logs" - fi - fi - - echo "" - echo "==========================================" - register: build_summary - - - name: Show build summary - debug: - var: build_summary.stdout_lines \ No newline at end of file diff --git a/.github/workflows/builder_OVA.yaml b/.github/workflows/builder_OVA.yaml index 9441100..2651130 100644 --- a/.github/workflows/builder_OVA.yaml +++ b/.github/workflows/builder_OVA.yaml 
@@ -162,12 +162,12 @@ jobs: source ${{ env.ALLOCATOR_PATH }}/inventory_vars.yml # Enmascarar las variables sensibles - - - - - - + echo "::add-mask::$ansible_host" + echo "::add-mask::$ansible_port" + echo "::add-mask::$ansible_user" + echo "::add-mask::$ansible_ssh_private_key_file" + echo "::add-mask::$ansible_ssh_common_args" + echo "::add-mask::$identifier" cat "${{ env.ALLOCATOR_PATH }}/inventory_vars.yml" >> $GITHUB_ENV - name: Generate inventory @@ -175,13 +175,6 @@ jobs: echo "[gha_instance]" > ${{ env.ALLOCATOR_PATH }}/inventory_ansible.ini echo "${{ env.ansible_host }} ansible_port=${{ env.ansible_port }} ansible_user=${{ env.ansible_user }} ansible_ssh_private_key_file=${{ env.ansible_ssh_private_key_file }} ansible_ssh_common_args='${{ env.ansible_ssh_common_args }}'" >> ${{ env.ALLOCATOR_PATH }}/inventory_ansible.ini - - name: Show inventory - run: | - cat ${{ env.ansible_ssh_private_key_file }} - echo ${{ env.ansible_port }} - echo ${{ env.ansible_user }} - echo ${{ env.ansible_host }} - - name: Install Python3 in the AWS instance run: | ssh -p ${{ env.ansible_port }} -i ${{ env.ansible_ssh_private_key_file }} -o 'StrictHostKeyChecking no' ${{ env.ansible_user }}@${{ env.ansible_host }} "sudo yum install -y python3" @@ -225,6 +218,6 @@ jobs: s3uri="s3://${{ env.S3_BUCKET }}/${{ env.S3_PATH }}/${{ env.FILENAME_SHA }}" echo "S3 sha512 OVA URI: ${s3uri}" - #- name: Delete allocated VM - # if: always() && steps.alloc_vm.outcome == 'success' - # run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output ${{ env.ALLOCATOR_PATH }}/track.yml + - name: Delete allocated VM + if: always() && steps.alloc_vm.outcome == 'success' + run: python3 wazuh-automation/deployability/modules/allocation/main.py --action delete --track-output ${{ env.ALLOCATOR_PATH }}/track.yml diff --git a/ova/workflow_assets/Vagrantfile b/ova/workflow_assets/Vagrantfile index e2c44cb..64197d8 100644 --- a/ova/workflow_assets/Vagrantfile 
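Review bot: The restored `echo "::add-mask::$ansible_ssh_private_key_file"` masks the path of the key file, not its contents, so the key would still appear in clear if a later step printed the file. The comment above the block, `# Enmascarar las variables sensibles`, could say so in English to match the comments translated elsewhere in this commit: `# Mask connection details in the job log (paths only; never print the key file itself)`. Masks also apply only to output produced after this step runs. The `run:` block starts above the hunk.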
+++ b/ova/workflow_assets/Vagrantfile @@ -13,13 +13,10 @@ Vagrant.configure("2") do |config| # Create a private network, which allows host-only access to the machine # using a specific IP. - #config.vm.network "private_network", ip: "192.168.56.22", interface: "2" + config.vm.network "private_network", ip: "192.168.56.22", interface: "2" config.vm.hostname = "wazuh-server" config.vm.boot_timeout = 420 - # SSH configuration for reliability - config.ssh.connect_timeout = 180 # Seconds to wait for SSH connection (default: 60) - # Example for VirtualBox: # config.vm.provider "virtualbox" do |vb| @@ -28,11 +25,6 @@ Vagrant.configure("2") do |config| vb.cpus = 4 vb.customize ["setextradata", :id, "VBoxInternal/Devices/VMMDev/0/Config/GetHostTimeDisabled", 1] vb.name = "ova_base" - - # Additional reliability settings - # Disable UART to reduce potential boot issues - vb.customize ["modifyvm", :id, "--uart1", "0x3F8", "4"] - vb.customize ["modifyvm", :id, "--uartmode1", "disconnected"] end # -end +end \ No newline at end of file diff --git a/ova/workflow_assets/setup.sh b/ova/workflow_assets/setup.sh index 15f3cee..cf0cead 100755 --- a/ova/workflow_assets/setup.sh +++ b/ova/workflow_assets/setup.sh @@ -28,21 +28,6 @@ setup_user() { echo 'wazuh-user ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wazuh-user chmod 440 /etc/sudoers.d/wazuh-user - - # ========================================== - # NUEVO: VALIDAR QUE EL USUARIO SE CREÓ - # ========================================== - if ! id wazuh-user >/dev/null 2>&1; then - echo "✗ ERROR: wazuh-user was not created!" - exit 1 - fi - - if [ ! -f /home/wazuh-user/.ssh/authorized_keys ]; then - echo "✗ ERROR: SSH authorized_keys not created!" - exit 1 - fi - - echo "✓ wazuh-user configured successfully" } # Install legacy network-scripts required by Vagrant and git required to generate the OVA 
@@ -61,19 +46,20 @@ install_guest_additions() { wget -nv https://download.virtualbox.org/virtualbox/${VIRTUALBOX_VERSION}/VBoxGuestAdditions_${VIRTUALBOX_VERSION}.iso -O /root/VBoxGuestAdditions.iso mount -o ro,loop /root/VBoxGuestAdditions.iso /mnt - sh /mnt/VBoxLinuxAdditions.run || true + sh /mnt/VBoxLinuxAdditions.run || true # Allow script to proceed despite potential errors umount /mnt rm -f /root/VBoxGuestAdditions.iso + # Run VBox guest additions setup for the Amazon provided kernel /etc/kernel/postinst.d/vboxadd ${KERNEL_VERSION} /sbin/depmod ${KERNEL_VERSION} - # Intentar cargar módulos + # Try to load modules /sbin/modprobe vboxguest 2>/dev/null || echo "⚠ vboxguest not loaded yet (will load on boot)" /sbin/modprobe vboxsf 2>/dev/null || echo "⚠ vboxsf not loaded yet (will load on boot)" /sbin/modprobe vboxvideo 2>/dev/null || echo "⚠ vboxvideo not loaded yet (will load on boot)" - # Validación + # Validation if lsmod | grep -q vboxguest; then echo "✓ Guest Additions modules loaded successfully" else 
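Review bot: The line touched here, `sh /mnt/VBoxLinuxAdditions.run || true`, runs an installer from an ISO that the line above fetches with `wget` and never verifies, and `|| true` then hides any installer failure. A digest check before the `mount` would catch a corrupted or substituted download, for example `echo "${VBOX_GA_SHA256}  /root/VBoxGuestAdditions.iso" | sha256sum -c -` with `VBOX_GA_SHA256` pinned next to `VIRTUALBOX_VERSION` (the variable name is a placeholder). The `modprobe` lines further down only print a warning when a module is missing, so they do not fully compensate for `|| true`. `install_guest_additions` starts and ends outside the hunk.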
@@ -96,27 +82,26 @@ install_guest_additions() { fi fi - # ========================================== - # NUEVO: FORZAR HABILITACIÓN DE SERVICIOS - # ========================================== + # ============================================ + # NEW: FORCE ENABLE SERVICES + # ============================================ - # Habilitar servicios de Guest Additions + # Enable Guest Additions services if [ -f "/usr/lib/systemd/system/vboxadd.service" ]; then - # Crear enlaces simbólicos manualmente para asegurar que se ejecuten + # Create symlinks manually to ensure they are executed mkdir -p /etc/systemd/system/multi-user.target.wants ln -sf /usr/lib/systemd/system/vboxadd.service /etc/systemd/system/multi-user.target.wants/vboxadd.service ln -sf /usr/lib/systemd/system/vboxadd-service.service /etc/systemd/system/multi-user.target.wants/vboxadd-service.service echo "✓ VBoxAdd services enabled via symlinks" fi - # CRÍTICO: Asegurar que vboxadd.sh se ejecute en el boot - # Añadir a rc.local como fallback + # Add to rc.local as fallback if [ ! -f /etc/rc.d/rc.local ]; then touch /etc/rc.d/rc.local chmod +x /etc/rc.d/rc.local fi - # Añadir comando para cargar módulos al inicio + # Add command to load modules on boot cat >> /etc/rc.d/rc.local << 'EOF' # VirtualBox Guest Additions - ensure modules are loaded if [ -f /etc/init.d/vboxadd ]; then @@ -125,7 +110,7 @@ fi EOF chmod +x /etc/rc.d/rc.local - # Habilitar rc-local.service + # Enable rc-local.service if [ -f /usr/lib/systemd/system/rc-local.service ]; then ln -sf /usr/lib/systemd/system/rc-local.service /etc/systemd/system/multi-user.target.wants/rc-local.service fi 
@@ -135,8 +120,19 @@ EOF # Enable SSH password authentication configure_ssh() { + # Modify the main config sed -i 's/^#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config + + # Create an explicit override file + mkdir -p /etc/ssh/sshd_config.d/ + cat > /etc/ssh/sshd_config.d/50-vagrant-password-auth.conf << 'EOF' +PasswordAuthentication yes +PubkeyAuthentication yes +ChallengeResponseAuthentication no +EOF + + chmod 600 /etc/ssh/sshd_config.d/50-vagrant-password-auth.conf systemctl restart sshd } From 4f69145a1e2119f23d4f92f775fdcd327e51ee14 Mon Sep 17 00:00:00 2001 From: wazuhci <22834044+wazuhci@users.noreply.github.com> Date: Fri, 17 Oct 2025 09:09:33 +0000 Subject: [PATCH 16/18] feat: bump 4.14.0 --- VERSION.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION.json b/VERSION.json index 2a0ff37..6b4227d 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1,4 +1,4 @@ { "version": "4.14.0", - "stage": "rc1" + "stage": "rc2" } From c063ebd943c25e550cd36c7e4ce8274028c0966d Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Fri, 17 Oct 2025 17:58:01 -0300 Subject: [PATCH 17/18] Reduce retries for Vagrant up not needed anymore --- .github/workflows/ansible_playbooks/ova_generator.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ansible_playbooks/ova_generator.yaml b/.github/workflows/ansible_playbooks/ova_generator.yaml index 4606b71..64267b2 100644 --- a/.github/workflows/ansible_playbooks/ova_generator.yaml +++ b/.github/workflows/ansible_playbooks/ova_generator.yaml @@ -146,7 +146,7 @@ jid: "{{ vagrant_up_result.ansible_job_id }}" register: job_result until: job_result.finished - retries: 120 + retries: 30 delay: 60 - name: Show the result of the vagrant up command From c4ebe0b2ee12b8fd5b440ccff0f733bc09517e6c Mon Sep 17 00:00:00 2001 
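Review bot: `configure_ssh` restarts sshd right after writing the new drop-in without checking the configuration, and the drop-in keeps password logins enabled in whatever image is built from this VM. Validate first, `sshd -t && systemctl restart sshd`, so a bad file is caught before the restart. sshd takes the first value it reads for a keyword, so a file in `/etc/ssh/sshd_config.d/` that sorts before `50-vagrant-password-auth.conf` can still set `PasswordAuthentication no`; a comment noting that ordering would help. If password authentication is only needed for the Vagrant build, the comment should also say whether the file is meant to remain in the exported OVA.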
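Review bot: `retries: 30` with `delay: 60` polls for about 30 minutes, while the job it waits on is started with `async: 7200` and loops up to `MAX_RETRIES=10` attempts of `vagrant up`, each bounded by `boot_timeout = 420` in the Vagrantfile. If several attempts are needed, the `async_status` task can give up while the job is still running on the instance. Either lower `MAX_RETRIES` and `async` to match, or add a comment such as `# 30 x 60 s: assumes vagrant up succeeds within the first attempts`. The task starts above the hunk.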
From: fcaffieri Date: Fri, 17 Oct 2025 18:09:02 -0300 Subject: [PATCH 18/18] Update CHANGELOG --- CHANGELOG.md | 2 +- ova/workflow_assets/Vagrantfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e6d312..270aede 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,7 +13,7 @@ All notable changes to this project will be documented in this file. ### Fixed -- None +- Fix vagrant up inconsistencies at the start. ([#434](https://github.com/wazuh/wazuh-virtual-machines/pull/434)) ### Deleted diff --git a/ova/workflow_assets/Vagrantfile b/ova/workflow_assets/Vagrantfile index 64197d8..a8fdd6f 100644 --- a/ova/workflow_assets/Vagrantfile +++ b/ova/workflow_assets/Vagrantfile @@ -27,4 +27,4 @@ Vagrant.configure("2") do |config| vb.name = "ova_base" end # -end \ No newline at end of file +end