paulmataruso/wazuh-docker-orginal
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-10-24 00:23:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Resolving conflicts

Browse Source
This commit is contained in:
vcerenu
2025-05-27 14:09:31 -03:00
parent 35d7b63a18 e822b0744e
commit 3b88bd9852
18 changed files with 203 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.env
View File

@@ -1,6 +1,6 @@
WAZUH_VERSION=4.12.2
WAZUH_IMAGE_VERSION=4.12.2
WAZUH_VERSION=4.13.0
WAZUH_IMAGE_VERSION=4.13.0
WAZUH_TAG_REVISION=1
FILEBEAT_TEMPLATE_BRANCH=4.12.2
FILEBEAT_TEMPLATE_BRANCH=4.13.0
WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz
WAZUH_UI_REVISION=1

2
.github/.goss.yaml vendored
View File

@@ -56,7 +56,7 @@ package:
wazuh-manager:
installed: true
versions:
- 4.12.2
- 4.13.0
port:
tcp:1514:
listening: true

6
.github/workflows/Procedure_push_docker_images.yml vendored
View File

@@ -6,11 +6,10 @@ on:
inputs:
image_tag:
description: 'Docker image tag'
default: '4.12.2'
default: '4.13.0'
required: true
docker_reference:
description: 'wazuh-docker reference'
default: 'v4.12.2'
required: true
products:
description: 'Comma-separated list of the image names to build and push'
@@ -42,12 +41,11 @@ on:
inputs:
image_tag:
description: 'Docker image tag'
default: '4.12.2'
default: '4.13.0'
required: true
type: string
docker_reference:
description: 'wazuh-docker reference'
default: 'v4.12.2'
required: false
type: string
products:

3
.github/workflows/trivy-dashboard.yml vendored
View File

@@ -11,8 +11,7 @@ on:
- published
pull_request:
branches:
- master
- stable
- main
schedule:
- cron: '34 2 * * 1'
workflow_dispatch:

3
.github/workflows/trivy-indexer.yml vendored
View File

@@ -11,8 +11,7 @@ on:
- published
pull_request:
branches:
- master
- stable
- main
schedule:
- cron: '34 2 * * 1'
workflow_dispatch:

3
.github/workflows/trivy-manager.yml vendored
View File

@@ -11,8 +11,7 @@ on:
- published
pull_request:
branches:
- master
- stable
- main
schedule:
- cron: '34 2 * * 1'
workflow_dispatch:

1
.gitignore vendored
View File

@@ -2,3 +2,4 @@ single-node/config/wazuh_indexer_ssl_certs/*.pem
single-node/config/wazuh_indexer_ssl_certs/*.key
multi-node/config/wazuh_indexer_ssl_certs/*.pem
multi-node/config/wazuh_indexer_ssl_certs/*.key
*.log

20
CHANGELOG.md
View File

@@ -1,6 +1,25 @@
# Change Log
All notable changes to this project will be documented in this file.
## [4.13.0]
### Added
- Added repository_bumper script. ([#1781](https://github.com/wazuh/wazuh-docker/pull/1781))
### Changed
- Modify wazuh-keystore use ([#1750](https://github.com/wazuh/wazuh-docker/pull/1750)) \- (wazuh-keystore)
### Fixed
- None
### Deleted
- Remove default docker reference version from workflow ([#1761](https://github.com/wazuh/wazuh-docker/pull/1761))
- Remove 'stable' branch ocurrencies ([#1757](https://github.com/wazuh/wazuh-docker/pull/1757))
## [4.12.2]
### Added
@@ -22,6 +41,7 @@ All notable changes to this project will be documented in this file.
- None
## [4.12.1]
### Added

2
VERSION.json
View File

@@ -1,4 +1,4 @@
{
"version": "4.12.2",
"version": "4.13.0",
"stage": "alpha0"
}

4
build-docker-images/README.md
View File

@@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im
The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument:
```
$ build-docker-images/build-images.sh -v 4.12.2
$ build-docker-images/build-images.sh -v 4.13.0
```
To get all the available script options use the -h or --help option:
@@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS]
-d, --dev <ref> [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default.
-f, --filebeat-module <ref> [Optional] Set Filebeat module version. By default 0.4.
-r, --revision <rev> [Optional] Package revision. By default 1
-v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, 4.12.2.
-v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, 4.13.0.
-h, --help Show this help.
```

4
build-docker-images/build-images.sh
View File

@@ -1,4 +1,4 @@
WAZUH_IMAGE_VERSION=4.12.2
WAZUH_IMAGE_VERSION=4.13.0
WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
WAZUH_TAG_REVISION=1
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
@@ -12,7 +12,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
# License (version 2) as published by the FSF - Free Software
# Foundation.
WAZUH_IMAGE_VERSION="4.12.2"
WAZUH_IMAGE_VERSION="4.13.0"
WAZUH_TAG_REVISION="1"
WAZUH_DEV_STAGE=""
FILEBEAT_MODULE_VERSION="0.4"

4
build-docker-images/wazuh-dashboard/config/config.sh
View File

@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
## Variables
CERT_TOOL=wazuh-certs-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.12/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.12/
PACKAGES_URL=https://packages.wazuh.com/4.13/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/
## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')

4
build-docker-images/wazuh-indexer/config/config.sh
View File

@@ -22,8 +22,8 @@ export REPO_DIR=/unattended_installer
## Variables
CERT_TOOL=wazuh-certs-tool.sh
PASSWORD_TOOL=wazuh-passwords-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.12/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.12/
PACKAGES_URL=https://packages.wazuh.com/4.13/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/
## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')

4
build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager
View File

@@ -115,8 +115,8 @@ function_entrypoint_scripts() {
function_configure_vulnerability_detection() {
if [ "$INDEXER_PASSWORD" != "" ]; then
>&2 echo "Configuring password."
/var/ossec/bin/wazuh-keystore -f indexer -k username -v $INDEXER_USERNAME
/var/ossec/bin/wazuh-keystore -f indexer -k password -v $INDEXER_PASSWORD
echo "$INDEXER_USERNAME" | /var/ossec/bin/wazuh-keystore -f indexer -k username
echo "$INDEXER_PASSWORD" | /var/ossec/bin/wazuh-keystore -f indexer -k password
fi
}

4
indexer-certs-creator/config/entrypoint.sh
View File

@@ -8,8 +8,8 @@
## Variables
CERT_TOOL=wazuh-certs-tool.sh
PASSWORD_TOOL=wazuh-passwords-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.12/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.12/
PACKAGES_URL=https://packages.wazuh.com/4.13/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/
## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')

12
multi-node/docker-compose.yml
View File

@@ -1,7 +1,7 @@
# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
services:
wazuh.master:
image: wazuh/wazuh-manager:4.12.2
image: wazuh/wazuh-manager:4.13.0
hostname: wazuh.master
restart: always
ulimits:
@@ -43,7 +43,7 @@ services:
- ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
wazuh.worker:
image: wazuh/wazuh-manager:4.12.2
image: wazuh/wazuh-manager:4.13.0
hostname: wazuh.worker
restart: always
ulimits:
@@ -79,7 +79,7 @@ services:
- ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
wazuh1.indexer:
image: wazuh/wazuh-indexer:4.12.2
image: wazuh/wazuh-indexer:4.13.0
hostname: wazuh1.indexer
restart: always
ports:
@@ -105,7 +105,7 @@ services:
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh2.indexer:
image: wazuh/wazuh-indexer:4.12.2
image: wazuh/wazuh-indexer:4.13.0
hostname: wazuh2.indexer
restart: always
environment:
@@ -127,7 +127,7 @@ services:
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh3.indexer:
image: wazuh/wazuh-indexer:4.12.2
image: wazuh/wazuh-indexer:4.13.0
hostname: wazuh3.indexer
restart: always
environment:
@@ -149,7 +149,7 @@ services:
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh.dashboard:
image: wazuh/wazuh-dashboard:4.12.2
image: wazuh/wazuh-dashboard:4.13.0
hostname: wazuh.dashboard
restart: always
ports:

6
single-node/docker-compose.yml
View File

@@ -1,7 +1,7 @@
# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
services:
wazuh.manager:
image: wazuh/wazuh-manager:4.12.2
image: wazuh/wazuh-manager:4.13.0
hostname: wazuh.manager
restart: always
ulimits:
@@ -44,7 +44,7 @@ services:
- ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
wazuh.indexer:
image: wazuh/wazuh-indexer:4.12.2
image: wazuh/wazuh-indexer:4.13.0
hostname: wazuh.indexer
restart: always
ports:
@@ -69,7 +69,7 @@ services:
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh.dashboard:
image: wazuh/wazuh-dashboard:4.12.2
image: wazuh/wazuh-dashboard:4.13.0
hostname: wazuh.dashboard
restart: always
ports:

150
tools/repository_bumper.sh Normal file
View File

@@ -0,0 +1,150 @@
#!/bin/bash
# This script is used to update the version of a repository in the specified files.
# It takes a version number as an argument and updates the version in the specified files.
# Usage: ./repository_bumper.sh <version>
# Global variables
DIR=$(dirname "$(pwd)")
LOG_FILE="${DIR}/tools/repository_bumper_$(date +"%Y-%m-%d_%H-%M-%S-%3N").log"
VERSION=""
STAGE=""
FILES_EDITED=()
get_old_version_and_stage() {
local VERSION_FILE="${DIR}/VERSION.json"
OLD_VERSION=$(jq -r '.version' "${VERSION_FILE}")
OLD_STAGE=$(jq -r '.stage' "${VERSION_FILE}")
echo "Old version: ${OLD_VERSION}" | tee -a "${LOG_FILE}"
echo "Old stage: ${OLD_STAGE}" | tee -a "${LOG_FILE}"
}
grep_command() {
# This function is used to search for a specific string in the specified directory.
# It takes two arguments: the string to search for and the directory to search in.
# Usage: grep_command <string> <directory>
eval grep -Rl "${1}" "${2}" --exclude-dir=".git" --exclude="repository_bumper_*.log" --exclude="CHANGELOG.md" "${3}"
}
update_version_in_files() {
local OLD_MAYOR="$(echo "${OLD_VERSION}" | cut -d '.' -f 1)"
local OLD_MINOR="$(echo "${OLD_VERSION}" | cut -d '.' -f 2)"
local OLD_PATCH="$(echo "${OLD_VERSION}" | cut -d '.' -f 3)"
local NEW_MAYOR="$(echo "${VERSION}" | cut -d '.' -f 1)"
local NEW_MINOR="$(echo "${VERSION}" | cut -d '.' -f 2)"
local NEW_PATCH="$(echo "${VERSION}" | cut -d '.' -f 3)"
m_m_p_files=( $(grep_command "${OLD_MAYOR}\.${OLD_MINOR}\.${OLD_PATCH}" "${DIR}") )
for file in "${m_m_p_files[@]}"; do
sed -i "s/\bv${OLD_MAYOR}\.${OLD_MINOR}\.${OLD_PATCH}\b/v${NEW_MAYOR}\.${NEW_MINOR}\.${NEW_PATCH}/g; s/\b${OLD_MAYOR}\.${OLD_MINOR}\.${OLD_PATCH}/${NEW_MAYOR}\.${NEW_MINOR}\.${NEW_PATCH}/g" "${file}"
if [[ $(git diff --name-only "${file}") ]]; then
FILES_EDITED+=("${file}")
fi
done
m_m_files=( $(grep_command "${OLD_MAYOR}\.${OLD_MINOR}" "${DIR}") )
for file in "${m_m_files[@]}"; do
sed -i -E "/[0-9]+\.[0-9]+\.[0-9]+/! s/(^|[^0-9.])(${OLD_MAYOR}\.${OLD_MINOR})([^0-9.]|$)/\1${NEW_MAYOR}.${NEW_MINOR}\3/g" "$file"
if [[ $(git diff --name-only "${file}") ]]; then
FILES_EDITED+=("${file}")
fi
done
m_x_files=( $(grep_command "${OLD_MAYOR}\.x" "${DIR}") )
for file in "${m_x_files[@]}"; do
sed -i "s/\b${OLD_MAYOR}\.x\b/${NEW_MAYOR}\.x/g" "${file}"
if [[ $(git diff --name-only "${file}") ]]; then
FILES_EDITED+=("${file}")
fi
done
if ! sed -i "/^All notable changes to this project will be documented in this file.$/a \\\n## [${VERSION}]\\n\\n### Added\\n\\n- None\\n\\n### Changed\\n\\n- None\\n\\n### Fixed\\n\\n- None\\n\\n### Deleted\\n\\n- None" "${DIR}/CHANGELOG.md"; then
echo "Error: Failed to update CHANGELOG.md" | tee -a "${LOG_FILE}"
fi
if [[ $(git diff --name-only "${DIR}/CHANGELOG.md") ]]; then
FILES_EDITED+=("${DIR}/CHANGELOG.md")
fi
}
update_stage_in_files() {
local OLD_STAGE="$(echo "${OLD_STAGE}")"
files=( $(grep_command "${OLD_STAGE}" "${DIR}" --exclude="README.md") )
for file in "${files[@]}"; do
sed -i "s/${OLD_STAGE}/${STAGE}/g" "${file}"
if [[ $(git diff --name-only "${file}") ]]; then
FILES_EDITED+=("${file}")
fi
done
}
main() {
echo "Starting repository version bumping process..." | tee -a "${LOG_FILE}"
echo "Log file: ${LOG_FILE}"
# Parse arguments
while [[ $# -gt 0 ]]; do
case $1 in
--version)
VERSION="$2"
shift 2
;;
--stage)
STAGE="$2"
shift 2
;;
*)
echo "Unknown argument: $1"
exit 1
;;
esac
done
# Validate arguments
if [[ -z "$VERSION" ]]; then
echo "Error: --version argument is required." | tee -a "${LOG_FILE}"
exit 1
fi
if [[ -z "$STAGE" ]]; then
echo "Error: --stage argument is required." | tee -a "${LOG_FILE}"
exit 1
fi
# Validate if version is in the correct format
if ! [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Error: Version must be in the format X.Y.Z (e.g., 1.2.3)." | tee -a "${LOG_FILE}"
exit 1
fi
# Validate if stage is in the correct format
STAGE=$(echo "$STAGE" | tr '[:upper:]' '[:lower:]')
if ! [[ "$STAGE" =~ ^(alpha[0-9]*|beta[0-9]*|rc[0-9]*|stable)$ ]]; then
echo "Error: Stage must be one of the following examples: alpha1, beta1, rc1, stable." | tee -a "${LOG_FILE}"
exit 1
fi
# Get old version and stage
get_old_version_and_stage
if [[ "$OLD_VERSION" == "$VERSION" && "$OLD_STAGE" == "$STAGE" ]]; then
echo "Version and stage are already up to date." | tee -a "${LOG_FILE}"
echo "No changes needed." | tee -a "${LOG_FILE}"
exit 0
fi
if [[ "$OLD_VERSION" != "$VERSION" ]]; then
echo "Updating version from $OLD_VERSION to $VERSION" | tee -a "${LOG_FILE}"
update_version_in_files "$VERSION"
fi
if [[ "$OLD_STAGE" != "$STAGE" ]]; then
echo "Updating stage from $OLD_STAGE to $STAGE" | tee -a "${LOG_FILE}"
update_stage_in_files "$STAGE"
fi
echo "The following files were edited:" | tee -a "${LOG_FILE}"
for file in $(printf "%s\n" "${FILES_EDITED[@]}" | sort -u); do
echo "${file}" | tee -a "${LOG_FILE}"
done
echo "Version and stage updated successfully." | tee -a "${LOG_FILE}"
}
# Call the main method with all arguments
main "$@"