diff --git a/.env b/.env
index df659daa..84f7370e 100755
--- a/.env
+++ b/.env
@@ -1,6 +1,6 @@
-WAZUH_VERSION=4.9.2
-WAZUH_IMAGE_VERSION=4.9.2
+WAZUH_VERSION=4.10.0
+WAZUH_IMAGE_VERSION=4.10.0
 WAZUH_TAG_REVISION=1
-FILEBEAT_TEMPLATE_BRANCH=4.9.2
+FILEBEAT_TEMPLATE_BRANCH=4.10.0
 WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz
 WAZUH_UI_REVISION=1
diff --git a/.github/.goss.yaml b/.github/.goss.yaml
index 5c177e75..41a65693 100644
--- a/.github/.goss.yaml
+++ b/.github/.goss.yaml
@@ -56,7 +56,7 @@ package:
 wazuh-manager:
 installed: true
 versions:
- - 4.9.2
+ - 4.10.0-1
 port:
 tcp:1514:
 listening: true
diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml
new file mode 100644
index 00000000..7ff8033d
--- /dev/null
+++ b/.github/workflows/Procedure_push_docker_images.yml
@@ -0,0 +1,167 @@
+run-name: Launch Push Docker Images - ${{ inputs.id }}
+name: Push Docker Images
+
+on:
+ workflow_dispatch:
+ inputs:
+ image_tag:
+ description: 'Docker image tag'
+ default: '4.10.0'
+ required: true
+ docker_reference:
+ description: 'wazuh-docker reference'
+ default: 'v4.10.0'
+ required: false
+ products:
+ description: 'Comma-separated list of the image names to build and push'
+ default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer'
+ required: true
+ filebeat_module_version:
+ description: 'Filebeat module version'
+ default: '0.4'
+ required: true
+ revision:
+ description: 'Package revision'
+ default: '1'
+ required: true
+ push_images:
+ description: 'Push images'
+ type: boolean
+ default: true
+ required: true
+ id:
+ description: "ID used to identify the workflow uniquely."
+ type: string
+ required: false
+ dev:
+ description: "Add tag suffix '-dev' to the image tag ?"
+ type: boolean
+ default: true
+ required: false
+ workflow_call:
+ inputs:
+ image_tag:
+ description: 'Docker image tag'
+ default: '4.10.0'
+ required: true
+ type: string
+ docker_reference:
+ description: 'wazuh-docker reference'
+ default: 'v4.10.0'
+ required: false
+ type: string
+ products:
+ description: 'Comma-separated list of the image names to build and push'
+ default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer'
+ required: true
+ type: string
+ filebeat_module_version:
+ description: 'Filebeat module version'
+ default: '0.4'
+ required: true
+ type: string
+ revision:
+ description: 'Package revision'
+ default: '1'
+ required: true
+ type: string
+ push_images:
+ description: 'Push images'
+ type: boolean
+ default: true
+ required: true
+ id:
+ description: "ID used to identify the workflow uniquely."
+ type: string
+ required: false
+ dev:
+ description: "Add tag suffix '-dev' to the image tag ?"
+ type: boolean
+ default: false
+ required: false
+
+jobs:
+ build-and-push:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Print inputs
+ run: |
+ echo "---------------------------------------------"
+ echo "Running Procedure_push_docker_images workflow"
+ echo "---------------------------------------------"
+ echo "* BRANCH: ${{ github.ref }}"
+ echo "* COMMIT: ${{ github.sha }}"
+ echo "---------------------------------------------"
+ echo "Inputs provided:"
+ echo "---------------------------------------------"
+ echo "* id: ${{ inputs.id }}"
+ echo "* image_tag: ${{ inputs.image_tag }}"
+ echo "* docker_reference: ${{ inputs.docker_reference }}"
+ echo "* products: ${{ inputs.products }}"
+ echo "* filebeat_module_version: ${{ inputs.filebeat_module_version }}"
+ echo "* revision: ${{ inputs.revision }}"
+ echo "* push_images: ${{ inputs.push_images }}"
+ echo "* dev: ${{ inputs.dev }}"
+ echo "---------------------------------------------"
+
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ inputs.docker_reference }}
+
+ - name: Log in to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+ - name: Install Docker Compose
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y docker-compose
+ echo "Installed Docker Compose version: $(docker-compose --version)"
+
+ - name: Build Wazuh images
+ run: |
+ IMAGE_TAG=${{ inputs.image_tag }}
+ FILEBEAT_MODULE_VERSION=${{ inputs.filebeat_module_version }}
+ REVISION=${{ inputs.revision }}
+
+ if [[ "$IMAGE_TAG" == *"-"* ]]; then
+ IFS='-' read -r -a tokens <<< "$IMAGE_TAG"
+ if [ -z "${tokens[1]}" ]; then
+ echo "Invalid image tag: $IMAGE_TAG"
+ exit 1
+ fi
+ DEV_STAGE=${tokens[1]}
+ WAZUH_VER=${tokens[0]}
+ ./build-docker-images/build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION
+ else
+ ./build-docker-images/build-images.sh -v $IMAGE_TAG -r $REVISION -f
$FILEBEAT_MODULE_VERSION + fi + + # Save .env file (generated by build-images.sh) contents to $GITHUB_ENV + ENV_FILE_PATH=".env" + + if [ -f $ENV_FILE_PATH ]; then + while IFS= read -r line || [ -n "$line" ]; do + echo "$line" >> $GITHUB_ENV + done < $ENV_FILE_PATH + else + echo "The environment file $ENV_FILE_PATH does not exist!" + exit 1 + fi + + - name: Tag and Push Wazuh images + if: ${{ inputs.push_images }} + run: | + IMAGE_TAG="${{ inputs.image_tag }}$( [ "${{ inputs.dev }}" == "true" ] && echo '-dev' || true )" + IMAGE_NAMES=${{ inputs.products }} + IFS=',' read -r -a images <<< "$IMAGE_NAMES" + for image in "${images[@]}"; do + echo "Tagging and pushing wazuh/$image:${WAZUH_VERSION} to wazuh/$image:$IMAGE_TAG" + docker tag wazuh/$image:${WAZUH_VERSION} wazuh/$image:$IMAGE_TAG + echo "Pushing wazuh/$image:$IMAGE_TAG ..." + docker push wazuh/$image:$IMAGE_TAG + done diff --git a/CHANGELOG.md b/CHANGELOG.md index bd59eb21..c890854f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,24 @@ # Change Log All notable changes to this project will be documented in this file. +## [4.10.0] + +### Added + +- Migrate the push docker images procedure to GitHub Actions ([#5651](https://github.com/wazuh/wazuh-qa/issues/5651)) + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + ## [4.9.2] ### Added diff --git a/README.md b/README.md index 1aae02ed..5813ca57 100644 --- a/README.md +++ b/README.md 
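Review bot: The `run:` scripts in "Print inputs", "Build Wazuh images" and "Tag and Push Wazuh images" splice `${{ inputs.* }}` directly into the shell text, so an input containing quotes, `$(...)` or a newline is interpreted as shell rather than data, and this runs after the Docker Hub login step has placed credentials on the runner. Pass the inputs through each step's `env:` mapping, reference them as quoted variables, and reject values that are not plain version tokens before calling build-images.sh. The later `$WAZUH_VER`, `$REVISION` and `$IMAGE_TAG` expansions are also unquoted, and every line of the generated `.env` is appended to `$GITHUB_ENV`, so validating early limits what can reach later steps. Consider also moving the login step to just before the push and gating it on `inputs.push_images`, so a build-only run of the checked-out `docker_reference` never holds registry credentials.

```yaml
      - name: Build Wazuh images
        env:
          IMAGE_TAG: ${{ inputs.image_tag }}
          FILEBEAT_MODULE_VERSION: ${{ inputs.filebeat_module_version }}
          REVISION: ${{ inputs.revision }}
        run: |
          # Inputs arrive as environment variables, never as script text.
          for value in "$IMAGE_TAG" "$FILEBEAT_MODULE_VERSION" "$REVISION"; do
            if [[ ! "$value" =~ ^[A-Za-z0-9._-]+$ ]]; then
              echo "Invalid input value: $value"
              exit 1
            fi
          done
          # … unchanged: dev-stage split and build-images.sh calls (with the variables quoted) …
          # … unchanged: copy .env into $GITHUB_ENV …

      - name: Tag and Push Wazuh images
        if: ${{ inputs.push_images }}
        env:
          IMAGE_TAG_INPUT: ${{ inputs.image_tag }}
          IMAGE_NAMES: ${{ inputs.products }}
          DEV: ${{ inputs.dev }}
        run: |
          IMAGE_TAG="$IMAGE_TAG_INPUT"
          if [ "$DEV" = "true" ]; then
            IMAGE_TAG="${IMAGE_TAG}-dev"
          fi
          # … unchanged: split IMAGE_NAMES on ',' and tag/push loop …
```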
@@ -58,20 +58,6 @@ CHECKS_TEMPLATE=true # step once the Wazuh app starts. Values must be CHECKS_API=true CHECKS_SETUP=true -EXTENSIONS_PCI=true # Enable PCI Extension -EXTENSIONS_GDPR=true # Enable GDPR Extension -EXTENSIONS_HIPAA=true # Enable HIPAA Extension -EXTENSIONS_NIST=true # Enable NIST Extension -EXTENSIONS_TSC=true # Enable TSC Extension -EXTENSIONS_AUDIT=true # Enable Audit Extension -EXTENSIONS_OSCAP=false # Enable OpenSCAP Extension -EXTENSIONS_CISCAT=false # Enable CISCAT Extension -EXTENSIONS_AWS=false # Enable AWS Extension -EXTENSIONS_GCP=false # Enable GCP Extension -EXTENSIONS_VIRUSTOTAL=false # Enable Virustotal Extension -EXTENSIONS_OSQUERY=false # Enable OSQuery Extension -EXTENSIONS_DOCKER=false # Enable Docker Extension - APP_TIMEOUT=20000 # Defines maximum timeout to be used on the Wazuh app requests API_SELECTOR=true Defines if the user is allowed to change the selected API directly from the Wazuh app top menu @@ -192,6 +178,7 @@ WAZUH_MONITORING_REPLICAS=0 ## | Wazuh version | ODFE | XPACK | |---------------|---------|--------| +| v4.10.0 | | | | v4.9.2 | | | | v4.9.1 | | | | v4.9.0 | | | diff --git a/VERSION b/VERSION index 97194304..6338a2e8 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-DOCKER_VERSION="4.9.2" -REVISION="40921" +WAZUH-DOCKER_VERSION="4.10.0" +REVISION="41003" diff --git a/build-docker-images/README.md b/build-docker-images/README.md index 057e1714..7541b7e6 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.9.2 +$ build-docker-images/build-images.sh -v 4.10.0 ``` To get all the available script options use the -h or --help option: 
@@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.9.2. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.10.0. -h, --help Show this help. ``` \ No newline at end of file diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index b32459d2..6a7b3f8a 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -1,4 +1,4 @@ -WAZUH_IMAGE_VERSION=4.9.2 +WAZUH_IMAGE_VERSION=4.10.0 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g') WAZUH_TAG_REVISION=1 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') @@ -12,7 +12,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} # License (version 2) as published by the FSF - Free Software # Foundation. -WAZUH_IMAGE_VERSION="4.9.2" +WAZUH_IMAGE_VERSION="4.10.0" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" FILEBEAT_MODULE_VERSION="0.4" @@ -70,7 +70,7 @@ build() { echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> .env echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env - docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache + docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache || clean 1 return 0 } diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 10637c7c..a0c61bb3 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile 
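Review bot: In `build()`, the new `|| clean 1` stops the script only if `clean` itself exits; `clean` is defined outside this hunk, and the unconditional `return 0` on the next line would otherwise report success after a failed `docker-compose ... build`. The new push workflow relies on this script's exit status before it tags and pushes `wazuh/<image>:${WAZUH_VERSION}`, so a swallowed failure would let the release steps continue against a missing or stale image. If `clean` does not call `exit`, make the failure explicit with `... build --no-cache || { clean 1; return 1; }`; if it does, a short comment such as `# clean exits with the given status, aborting the script` would make that dependency visible. The body of `build()` starts before the hunk, so the rest of the function was not reviewed.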
@@ -48,21 +48,6 @@ ENV PATTERN="" \ CHECKS_TEMPLATE="" \ CHECKS_API="" \ CHECKS_SETUP="" \ - EXTENSIONS_PCI="" \ - EXTENSIONS_GDPR="" \ - EXTENSIONS_HIPAA="" \ - EXTENSIONS_NIST="" \ - EXTENSIONS_TSC="" \ - EXTENSIONS_AUDIT="" \ - EXTENSIONS_OSCAP="" \ - EXTENSIONS_CISCAT="" \ - EXTENSIONS_AWS="" \ - EXTENSIONS_GCP="" \ - EXTENSIONS_GITHUB=""\ - EXTENSIONS_OFFICE=""\ - EXTENSIONS_VIRUSTOTAL="" \ - EXTENSIONS_OSQUERY="" \ - EXTENSIONS_DOCKER="" \ APP_TIMEOUT="" \ API_SELECTOR="" \ IP_SELECTOR="" \ diff --git a/build-docker-images/wazuh-dashboard/config/config.sh b/build-docker-images/wazuh-dashboard/config/config.sh index 3f5dd902..4f833148 100644 --- a/build-docker-images/wazuh-dashboard/config/config.sh +++ b/build-docker-images/wazuh-dashboard/config/config.sh @@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config ## Variables CERT_TOOL=wazuh-certs-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.9/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/ +PACKAGES_URL=https://packages.wazuh.com/4.10/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh b/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh index 4773d45d..76ecdc7f 100644 --- a/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh +++ b/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh 
@@ -15,21 +15,6 @@ declare -A CONFIG_MAP=( [checks.template]=$CHECKS_TEMPLATE [checks.api]=$CHECKS_API [checks.setup]=$CHECKS_SETUP - [extensions.pci]=$EXTENSIONS_PCI - [extensions.gdpr]=$EXTENSIONS_GDPR - [extensions.hipaa]=$EXTENSIONS_HIPAA - [extensions.nist]=$EXTENSIONS_NIST - [extensions.tsc]=$EXTENSIONS_TSC - [extensions.audit]=$EXTENSIONS_AUDIT - [extensions.oscap]=$EXTENSIONS_OSCAP - [extensions.ciscat]=$EXTENSIONS_CISCAT - [extensions.aws]=$EXTENSIONS_AWS - [extensions.gcp]=$EXTENSIONS_GCP - [extensions.github]=$EXTENSIONS_GITHUB - [extensions.office]=$EXTENSIONS_OFFICE - [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL - [extensions.osquery]=$EXTENSIONS_OSQUERY - [extensions.docker]=$EXTENSIONS_DOCKER [timeout]=$APP_TIMEOUT [api.selector]=$API_SELECTOR [ip.selector]=$IP_SELECTOR diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index ea907b7b..f0db78b5 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -22,8 +22,8 @@ export REPO_DIR=/unattended_installer ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.9/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/ +PACKAGES_URL=https://packages.wazuh.com/4.10/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index db6e0e78..e8e95a13 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh 
@@ -8,8 +8,8 @@ ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.9/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/ +PACKAGES_URL=https://packages.wazuh.com/4.10/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 3dfda21b..89e3741b 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.9.2 + image: wazuh/wazuh-manager:4.10.0 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.9.2 + image: wazuh/wazuh-manager:4.10.0 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.9.2 + image: wazuh/wazuh-indexer:4.10.0 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.9.2 + image: wazuh/wazuh-indexer:4.10.0 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.9.2 + image: wazuh/wazuh-indexer:4.10.0 hostname: wazuh3.indexer restart: always environment: 
@@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.2 + image: wazuh/wazuh-dashboard:4.10.0 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 0d94b544..a17a0368 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.9.2 + image: wazuh/wazuh-manager:4.10.0 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.9.2 + image: wazuh/wazuh-indexer:4.10.0 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.2 + image: wazuh/wazuh-dashboard:4.10.0 hostname: wazuh.dashboard restart: always ports: