Add changes

Bump 4.14.0 branch

CHANGELOG.md

@@ -18,6 +18,7 @@ All notable changes to this project will be documented in this file.
 
 ### Fixed
 
+- Change Wazuh indexer directory owner ([#2029](https://github.com/wazuh/wazuh-docker/pull/2029))
 - Double the amount of space consumed in Wazuh Indexer ([#1953](https://github.com/wazuh/wazuh-docker/pull/1953))
 - Fix config directory for opensearch_security plugin work ([#1951](https://github.com/wazuh/wazuh-docker/pull/1951))
 - Update Dockerfile to copy opensearch-security files ([#1928](https://github.com/wazuh/wazuh-docker/pull/1928))

VERSION.json

@@ -1,4 +1,4 @@
 {
     "version": "4.14.0",
-    "stage": "alpha1"
+    "stage": "rc1"
 }

build-docker-images/build-images.yml

@@ -8,7 +8,7 @@ services:
         WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
         FILEBEAT_TEMPLATE_BRANCH: ${FILEBEAT_TEMPLATE_BRANCH}
         WAZUH_FILEBEAT_MODULE: ${WAZUH_FILEBEAT_MODULE}
-    image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION}
+    image: merecu/wazuh-manager:${WAZUH_IMAGE_VERSION}
     hostname: wazuh.manager
     restart: always
     ports:
@@ -40,7 +40,7 @@ services:
       args:
         WAZUH_VERSION: ${WAZUH_VERSION}
         WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
-    image: wazuh/wazuh-agent:${WAZUH_IMAGE_VERSION}
+    image: merecu/wazuh-agent:${WAZUH_IMAGE_VERSION}
     hostname: wazuh.agent
     restart: always
 
@@ -50,7 +50,7 @@ services:
       args:
         WAZUH_VERSION: ${WAZUH_VERSION}
         WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
-    image: wazuh/wazuh-indexer:${WAZUH_IMAGE_VERSION}
+    image: merecu/wazuh-indexer:${WAZUH_IMAGE_VERSION}
     hostname: wazuh.indexer
     restart: always
     ports:
@@ -72,7 +72,7 @@ services:
         WAZUH_VERSION: ${WAZUH_VERSION}
         WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
         WAZUH_UI_REVISION: ${WAZUH_UI_REVISION}
-    image: wazuh/wazuh-dashboard:${WAZUH_IMAGE_VERSION}
+    image: merecu/wazuh-dashboard:${WAZUH_IMAGE_VERSION}
     hostname: wazuh.dashboard
     restart: always
     ports:

build-docker-images/wazuh-dashboard/Dockerfile

@@ -5,16 +5,19 @@ ARG WAZUH_VERSION
 ARG WAZUH_TAG_REVISION
 ARG WAZUH_UI_REVISION
 ARG INSTALL_DIR=/usr/share/wazuh-dashboard
+ARG REPO_ORIGIN=https://packages-dev.wazuh.com/pre-release
+ARG TARGETARCH
+ENV PKG_ARCH=${TARGETARCH}
 
 # Update and install dependencies
-RUN yum install curl-minimal libcap openssl -y
+RUN dnf install curl-minimal libcap openssl -y &&\
-
+    case "$PKG_ARCH" in \
-COPY config/check_repository.sh /
+      amd64) ARCH_NAME="x86_64" ;; \
-RUN chmod 775 /check_repository.sh && \
+      arm64) ARCH_NAME="aarch64" ;; \
-    source /check_repository.sh
+      *) echo "Unsupported arch: $PKG_ARCH" && exit 1 ;; \
-
+    esac && \
-RUN yum install wazuh-dashboard-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
+    dnf install ${REPO_ORIGIN}/yum/wazuh-dashboard-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}.${ARCH_NAME}.rpm -y && \
-    yum clean all
+    dnf clean all
 
 # Create and set permissions to data directories
 RUN mkdir -p $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh
@@ -60,7 +63,7 @@ ENV PATTERN="" \
     WAZUH_MONITORING_REPLICAS=""
 
 # Update and install dependencies
-RUN yum install shadow-utils -y
+RUN dnf install shadow-utils -y
 
 # Create wazuh-dashboard user and group
 RUN getent group $GROUP || groupadd -r -g 1000 $GROUP

build-docker-images/wazuh-indexer/Dockerfile

@@ -3,15 +3,18 @@ FROM amazonlinux:2023 AS builder
 
 ARG WAZUH_VERSION
 ARG WAZUH_TAG_REVISION
+ARG REPO_ORIGIN=https://packages-dev.wazuh.com/pre-release
+ARG TARGETARCH
+ENV PKG_ARCH=${TARGETARCH}
 
-RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y
+RUN dnf install curl-minimal openssl xz tar findutils shadow-utils -y &&\
-
+    case "$PKG_ARCH" in \
-COPY config/check_repository.sh /
+      amd64) ARCH_NAME="x86_64" ;; \
-RUN chmod 775 /check_repository.sh && \
+      arm64) ARCH_NAME="aarch64" ;; \
-    source /check_repository.sh
+      *) echo "Unsupported arch: $PKG_ARCH" && exit 1 ;; \
-
+    esac && \
-RUN yum install wazuh-indexer-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
+    dnf install ${REPO_ORIGIN}/yum/wazuh-indexer-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}.${ARCH_NAME}.rpm -y && \
-    yum clean all
+    dnf clean all
 
 COPY config/opensearch.yml /
 
@@ -62,9 +65,10 @@ COPY config/entrypoint.sh /
 
 COPY config/securityadmin.sh /
 
-RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh
+RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh && \
-
+    mkdir -p /usr/share/wazuh-indexer && \
-RUN chown 1000:1000 /*.sh
+    chown 1000:1000 /usr/share/wazuh-indexer && \
+    chown 1000:1000 /*.sh
 
 COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer
 COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer/config

build-docker-images/wazuh-manager/Dockerfile

@@ -11,19 +11,22 @@ ARG FILEBEAT_VERSION=7.10.2
 ARG FILEBEAT_REVISION=2
 ARG WAZUH_FILEBEAT_MODULE
 ARG S6_VERSION="v2.2.0.3"
+ARG REPO_ORIGIN=https://packages-dev.wazuh.com/pre-release
+ARG TARGETARCH
+ENV PKG_ARCH=${TARGETARCH}
 
-RUN yum install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\
-    yum clean all
-
-COPY config/check_repository.sh /
 COPY config/filebeat_module.sh /
 COPY config/permanent_data.env config/permanent_data.sh /
 
-RUN chmod 775 /check_repository.sh
-RUN source /check_repository.sh
 
-RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
+RUN dnf install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\
-    yum clean all && \
+    case "$PKG_ARCH" in \
+      amd64) ARCH_NAME="x86_64" ;; \
+      arm64) ARCH_NAME="aarch64" ;; \
+      *) echo "Unsupported arch: $PKG_ARCH" && exit 1 ;; \
+    esac && \
+    dnf install ${REPO_ORIGIN}/yum/wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}.${ARCH_NAME}.rpm -y && \
+    dnf clean all && \
     chmod 775 /filebeat_module.sh && \
     source /filebeat_module.sh && \
     rm /filebeat_module.sh && \
@@ -61,8 +64,6 @@ RUN mkdir -p /var/ossec/var/multigroups && \
     sync && /permanent_data.sh && \
     sync && rm /permanent_data.sh
 
-RUN rm /etc/yum.repos.d/wazuh.repo
-
 # Services ports
 EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp
 

build-docker-images/wazuh-manager/config/filebeat_module.sh

@@ -1,11 +1,5 @@
 ## variables
-REPOSITORY="packages-dev.wazuh.com/pre-release"
 WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/'  | cut -c 11- | grep ^v${WAZUH_VERSION}$)
 
-## check tag to use the correct repository
+dnf install ${REPO_ORIGIN}/yum/filebeat-${FILEBEAT_VERSION}-${FILEBEAT_REVISION}.${ARCH_NAME}.rpm -y && \
-if [[ -n "${WAZUH_TAG}" ]]; then
+curl -s ${REPO_ORIGIN}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module
-  REPOSITORY="packages.wazuh.com/4.x"
-fi
-
-yum install filebeat-${FILEBEAT_VERSION}-${FILEBEAT_REVISION} -y && \
-curl -s https://${REPOSITORY}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module

single-node/docker-compose.yml

@@ -1,7 +1,7 @@
 # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 services:
   wazuh.manager:
-    image: wazuh/wazuh-manager:4.14.0
+    image: merecu/wazuh-manager:4.14.0
     hostname: wazuh.manager
     restart: always
     ulimits:
@@ -44,7 +44,7 @@ services:
       - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh.indexer:
-    image: wazuh/wazuh-indexer:4.14.0
+    image: merecu/wazuh-indexer:4.14.0
     hostname: wazuh.indexer
     restart: always
     ports:
@@ -69,7 +69,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml
 
   wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.14.0
+    image: merecu/wazuh-dashboard:4.14.0
     hostname: wazuh.dashboard
     restart: always
     ports: