paulmataruso/wazuh-docker-mirror
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-11-02 04:53:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Resolve conflicts

Browse Source
This commit is contained in:
vcerenu
2024-10-17 12:22:38 -03:00
parent 5bbacebe89 b1f0a1f46a
commit 691694a38d
15 changed files with 212 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.env
View File

@@ -1,6 +1,6 @@
WAZUH_VERSION=4.9.1
WAZUH_IMAGE_VERSION=4.9.1
WAZUH_VERSION=4.10.0
WAZUH_IMAGE_VERSION=4.10.0
WAZUH_TAG_REVISION=1
FILEBEAT_TEMPLATE_BRANCH=4.9.1
FILEBEAT_TEMPLATE_BRANCH=4.10.0
WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz
WAZUH_UI_REVISION=1

2
.github/.goss.yaml vendored
View File

@@ -56,7 +56,7 @@ package:
wazuh-manager:
installed: true
versions:
- 4.9.1
- 4.10.0-1
port:
tcp:1514:
listening: true

167
.github/workflows/Procedure_push_docker_images.yml vendored Normal file
View File

@@ -0,0 +1,167 @@
run-name: Launch Push Docker Images - ${{ inputs.id }}
name: Push Docker Images
on:
workflow_dispatch:
inputs:
image_tag:
description: 'Docker image tag'
default: '4.10.0'
required: true
docker_reference:
description: 'wazuh-docker reference'
default: 'v4.10.0'
required: false
products:
description: 'Comma-separated list of the image names to build and push'
default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer'
required: true
filebeat_module_version:
description: 'Filebeat module version'
default: '0.4'
required: true
revision:
description: 'Package revision'
default: '1'
required: true
push_images:
description: 'Push images'
type: boolean
default: true
required: true
id:
description: "ID used to identify the workflow uniquely."
type: string
required: false
dev:
description: "Add tag suffix '-dev' to the image tag ?"
type: boolean
default: true
required: false
workflow_call:
inputs:
image_tag:
description: 'Docker image tag'
default: '4.10.0'
required: true
type: string
docker_reference:
description: 'wazuh-docker reference'
default: 'v4.10.0'
required: false
type: string
products:
description: 'Comma-separated list of the image names to build and push'
default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer'
required: true
type: string
filebeat_module_version:
description: 'Filebeat module version'
default: '0.4'
required: true
type: string
revision:
description: 'Package revision'
default: '1'
required: true
type: string
push_images:
description: 'Push images'
type: boolean
default: true
required: true
id:
description: "ID used to identify the workflow uniquely."
type: string
required: false
dev:
description: "Add tag suffix '-dev' to the image tag ?"
type: boolean
default: false
required: false
jobs:
build-and-push:
runs-on: ubuntu-latest
steps:
- name: Print inputs
run: |
echo "---------------------------------------------"
echo "Running Procedure_push_docker_images workflow"
echo "---------------------------------------------"
echo "* BRANCH: ${{ github.ref }}"
echo "* COMMIT: ${{ github.sha }}"
echo "---------------------------------------------"
echo "Inputs provided:"
echo "---------------------------------------------"
echo "* id: ${{ inputs.id }}"
echo "* image_tag: ${{ inputs.image_tag }}"
echo "* docker_reference: ${{ inputs.docker_reference }}"
echo "* products: ${{ inputs.products }}"
echo "* filebeat_module_version: ${{ inputs.filebeat_module_version }}"
echo "* revision: ${{ inputs.revision }}"
echo "* push_images: ${{ inputs.push_images }}"
echo "* dev: ${{ inputs.dev }}"
echo "---------------------------------------------"
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ inputs.docker_reference }}
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Install Docker Compose
run: |
sudo apt-get update
sudo apt-get install -y docker-compose
echo "Installed Docker Compose version: $(docker-compose --version)"
- name: Build Wazuh images
run: |
IMAGE_TAG=${{ inputs.image_tag }}
FILEBEAT_MODULE_VERSION=${{ inputs.filebeat_module_version }}
REVISION=${{ inputs.revision }}
if [[ "$IMAGE_TAG" == *"-"* ]]; then
IFS='-' read -r -a tokens <<< "$IMAGE_TAG"
if [ -z "${tokens[1]}" ]; then
echo "Invalid image tag: $IMAGE_TAG"
exit 1
fi
DEV_STAGE=${tokens[1]}
WAZUH_VER=${tokens[0]}
./build-docker-images/build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION
else
./build-docker-images/build-images.sh -v $IMAGE_TAG -r $REVISION -f $FILEBEAT_MODULE_VERSION
fi
# Save .env file (generated by build-images.sh) contents to $GITHUB_ENV
ENV_FILE_PATH=".env"
if [ -f $ENV_FILE_PATH ]; then
while IFS= read -r line || [ -n "$line" ]; do
echo "$line" >> $GITHUB_ENV
done < $ENV_FILE_PATH
else
echo "The environment file $ENV_FILE_PATH does not exist!"
exit 1
fi
- name: Tag and Push Wazuh images
if: ${{ inputs.push_images }}
run: |
IMAGE_TAG="${{ inputs.image_tag }}$( [ "${{ inputs.dev }}" == "true" ] && echo '-dev' || true )"
IMAGE_NAMES=${{ inputs.products }}
IFS=',' read -r -a images <<< "$IMAGE_NAMES"
for image in "${images[@]}"; do
echo "Tagging and pushing wazuh/$image:${WAZUH_VERSION} to wazuh/$image:$IMAGE_TAG"
docker tag wazuh/$image:${WAZUH_VERSION} wazuh/$image:$IMAGE_TAG
echo "Pushing wazuh/$image:$IMAGE_TAG ..."
docker push wazuh/$image:$IMAGE_TAG
done

18
CHANGELOG.md
View File

@@ -1,6 +1,24 @@
# Change Log
All notable changes to this project will be documented in this file.
## [4.10.0]
### Added
- Migrate the push docker images procedure to GitHub Actions ([#5651](https://github.com/wazuh/wazuh-qa/issues/5651))
### Changed
- None
### Fixed
- None
### Deleted
- None
## [4.9.1]
### Added

15
README.md
View File

@@ -58,20 +58,6 @@ CHECKS_TEMPLATE=true # step once the Wazuh app starts. Values must be
CHECKS_API=true
CHECKS_SETUP=true
EXTENSIONS_PCI=true # Enable PCI Extension
EXTENSIONS_GDPR=true # Enable GDPR Extension
EXTENSIONS_HIPAA=true # Enable HIPAA Extension
EXTENSIONS_NIST=true # Enable NIST Extension
EXTENSIONS_TSC=true # Enable TSC Extension
EXTENSIONS_AUDIT=true # Enable Audit Extension
EXTENSIONS_OSCAP=false # Enable OpenSCAP Extension
EXTENSIONS_CISCAT=false # Enable CISCAT Extension
EXTENSIONS_AWS=false # Enable AWS Extension
EXTENSIONS_GCP=false # Enable GCP Extension
EXTENSIONS_VIRUSTOTAL=false # Enable Virustotal Extension
EXTENSIONS_OSQUERY=false # Enable OSQuery Extension
EXTENSIONS_DOCKER=false # Enable Docker Extension
APP_TIMEOUT=20000 # Defines maximum timeout to be used on the Wazuh app requests
API_SELECTOR=true Defines if the user is allowed to change the selected API directly from the Wazuh app top menu
@@ -192,6 +178,7 @@ WAZUH_MONITORING_REPLICAS=0 ##
| Wazuh version | ODFE | XPACK |
|---------------|---------|--------|
| v4.10.0 | | |
| v4.9.1 | | |
| v4.9.0 | | |
| v4.8.2 | | |

4
VERSION
View File

@@ -1,2 +1,2 @@
WAZUH-DOCKER_VERSION="4.9.1"
REVISION="40914"
WAZUH-DOCKER_VERSION="4.10.0"
REVISION="41002"

4
build-docker-images/README.md
View File

@@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im
The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument:
```
$ build-docker-images/build-images.sh -v 4.9.1
$ build-docker-images/build-images.sh -v 4.10.0
```
To get all the available script options use the -h or --help option:
@@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS]
-d, --dev <ref> [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default.
-f, --filebeat-module <ref> [Optional] Set Filebeat module version. By default 0.4.
-r, --revision <rev> [Optional] Package revision. By default 1
-v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, 4.9.1.
-v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, 4.10.0.
-h, --help Show this help.
```

6
build-docker-images/build-images.sh
View File

@@ -1,4 +1,4 @@
WAZUH_IMAGE_VERSION=4.9.1
WAZUH_IMAGE_VERSION=4.10.0
WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
WAZUH_TAG_REVISION=1
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
@@ -12,7 +12,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
# License (version 2) as published by the FSF - Free Software
# Foundation.
WAZUH_IMAGE_VERSION="4.9.1"
WAZUH_IMAGE_VERSION="4.10.0"
WAZUH_TAG_REVISION="1"
WAZUH_DEV_STAGE=""
FILEBEAT_MODULE_VERSION="0.4"
@@ -70,7 +70,7 @@ build() {
echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> .env
echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env
docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache
docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache || clean 1
return 0
}

15
build-docker-images/wazuh-dashboard/Dockerfile
View File

@@ -48,21 +48,6 @@ ENV PATTERN="" \
CHECKS_TEMPLATE="" \
CHECKS_API="" \
CHECKS_SETUP="" \
EXTENSIONS_PCI="" \
EXTENSIONS_GDPR="" \
EXTENSIONS_HIPAA="" \
EXTENSIONS_NIST="" \
EXTENSIONS_TSC="" \
EXTENSIONS_AUDIT="" \
EXTENSIONS_OSCAP="" \
EXTENSIONS_CISCAT="" \
EXTENSIONS_AWS="" \
EXTENSIONS_GCP="" \
EXTENSIONS_GITHUB=""\
EXTENSIONS_OFFICE=""\
EXTENSIONS_VIRUSTOTAL="" \
EXTENSIONS_OSQUERY="" \
EXTENSIONS_DOCKER="" \
APP_TIMEOUT="" \
API_SELECTOR="" \
IP_SELECTOR="" \

4
build-docker-images/wazuh-dashboard/config/config.sh
View File

@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
## Variables
CERT_TOOL=wazuh-certs-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.9/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/
PACKAGES_URL=https://packages.wazuh.com/4.10/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/
## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')

15
build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh
View File

@@ -15,21 +15,6 @@ declare -A CONFIG_MAP=(
[checks.template]=$CHECKS_TEMPLATE
[checks.api]=$CHECKS_API
[checks.setup]=$CHECKS_SETUP
[extensions.pci]=$EXTENSIONS_PCI
[extensions.gdpr]=$EXTENSIONS_GDPR
[extensions.hipaa]=$EXTENSIONS_HIPAA
[extensions.nist]=$EXTENSIONS_NIST
[extensions.tsc]=$EXTENSIONS_TSC
[extensions.audit]=$EXTENSIONS_AUDIT
[extensions.oscap]=$EXTENSIONS_OSCAP
[extensions.ciscat]=$EXTENSIONS_CISCAT
[extensions.aws]=$EXTENSIONS_AWS
[extensions.gcp]=$EXTENSIONS_GCP
[extensions.github]=$EXTENSIONS_GITHUB
[extensions.office]=$EXTENSIONS_OFFICE
[extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL
[extensions.osquery]=$EXTENSIONS_OSQUERY
[extensions.docker]=$EXTENSIONS_DOCKER
[timeout]=$APP_TIMEOUT
[api.selector]=$API_SELECTOR
[ip.selector]=$IP_SELECTOR

4
build-docker-images/wazuh-indexer/config/config.sh
View File

@@ -22,8 +22,8 @@ export REPO_DIR=/unattended_installer
## Variables
CERT_TOOL=wazuh-certs-tool.sh
PASSWORD_TOOL=wazuh-passwords-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.9/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/
PACKAGES_URL=https://packages.wazuh.com/4.10/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/
## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')

4
indexer-certs-creator/config/entrypoint.sh
View File

@@ -8,8 +8,8 @@
## Variables
CERT_TOOL=wazuh-certs-tool.sh
PASSWORD_TOOL=wazuh-passwords-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.9/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/
PACKAGES_URL=https://packages.wazuh.com/4.10/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/
## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')

12
multi-node/docker-compose.yml
View File

@@ -3,7 +3,7 @@ version: '3.7'
services:
wazuh.master:
image: wazuh/wazuh-manager:4.9.1
image: wazuh/wazuh-manager:4.10.0
hostname: wazuh.master
restart: always
ulimits:
@@ -45,7 +45,7 @@ services:
- ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
wazuh.worker:
image: wazuh/wazuh-manager:4.9.1
image: wazuh/wazuh-manager:4.10.0
hostname: wazuh.worker
restart: always
ulimits:
@@ -81,7 +81,7 @@ services:
- ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
wazuh1.indexer:
image: wazuh/wazuh-indexer:4.9.1
image: wazuh/wazuh-indexer:4.10.0
hostname: wazuh1.indexer
restart: always
ports:
@@ -107,7 +107,7 @@ services:
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh2.indexer:
image: wazuh/wazuh-indexer:4.9.1
image: wazuh/wazuh-indexer:4.10.0
hostname: wazuh2.indexer
restart: always
environment:
@@ -129,7 +129,7 @@ services:
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh3.indexer:
image: wazuh/wazuh-indexer:4.9.1
image: wazuh/wazuh-indexer:4.10.0
hostname: wazuh3.indexer
restart: always
environment:
@@ -151,7 +151,7 @@ services:
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh.dashboard:
image: wazuh/wazuh-dashboard:4.9.1
image: wazuh/wazuh-dashboard:4.10.0
hostname: wazuh.dashboard
restart: always
ports:

6
single-node/docker-compose.yml
View File

@@ -3,7 +3,7 @@ version: '3.7'
services:
wazuh.manager:
image: wazuh/wazuh-manager:4.9.1
image: wazuh/wazuh-manager:4.10.0
hostname: wazuh.manager
restart: always
ulimits:
@@ -46,7 +46,7 @@ services:
- ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
wazuh.indexer:
image: wazuh/wazuh-indexer:4.9.1
image: wazuh/wazuh-indexer:4.10.0
hostname: wazuh.indexer
restart: always
ports:
@@ -71,7 +71,7 @@ services:
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh.dashboard:
image: wazuh/wazuh-dashboard:4.9.1
image: wazuh/wazuh-dashboard:4.10.0
hostname: wazuh.dashboard
restart: always
ports: