From 99e708c1a98767de0a858300c11f766827b67e53 Mon Sep 17 00:00:00 2001
From: c-bordon
Date: Thu, 4 Jan 2024 11:48:27 -0300
Subject: [PATCH 1/8] Updated indexer-ism-init.sh execution and removed wazuh-template push from Filebeat
---
 build-docker-images/wazuh-indexer/config/ism-check.sh | 3 ++-
 build-docker-images/wazuh-manager/config/filebeat.yml | 2 --
 2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/build-docker-images/wazuh-indexer/config/ism-check.sh b/build-docker-images/wazuh-indexer/config/ism-check.sh
index 08900dc0..a913c7b0 100644
--- a/build-docker-images/wazuh-indexer/config/ism-check.sh
+++ b/build-docker-images/wazuh-indexer/config/ism-check.sh
@@ -3,6 +3,7 @@ MIN_SHARD_SIZE=${MIN_SHARD_SIZE:-25}
 MIN_INDEX_AGE=${MIN_INDEX_AGE:-"7d"}
 MIN_DOC_COUNT=${MIN_DOC_COUNT:-600000000}
 ISM_PRIORITY=${ISM_PRIORITY:-50}
+WAZUH_TEMPLATE=${WAZUH_TEMPLATE:-"/usr/share/wazuh-indexer/wazuh-template.json"}
 SERVER=`hostname`
 if [[ -n "$INDEXER_PASSWORD" ]]; then
 until [[ `curl -XGET https://$SERVER:9200/_cat/indices -u admin:SecretPassword -k -s | grep .opendistro_security | wc -l` -eq 1 ]]
@@ -10,5 +11,5 @@ if [[ -n "$INDEXER_PASSWORD" ]]; then
 echo "Wazuh indexer Security is not initiaized";
 sleep 30
 done
- bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh -p $INDEXER_PASSWORD -i $SERVER -P $ISM_PRIORITY -d $MIN_DOC_COUNT -a $MIN_INDEX_AGE -s $MIN_SHARD_SIZE
+ bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh -p $INDEXER_PASSWORD -i $SERVER -P $ISM_PRIORITY -d $MIN_DOC_COUNT -a $MIN_INDEX_AGE -s $MIN_SHARD_SIZE -t $WAZUH_TEMPLATE
 fi
\ No newline at end of file
diff --git a/build-docker-images/wazuh-manager/config/filebeat.yml b/build-docker-images/wazuh-manager/config/filebeat.yml
index 8d1823af..be56e2b1 100644
--- a/build-docker-images/wazuh-manager/config/filebeat.yml
+++ b/build-docker-images/wazuh-manager/config/filebeat.yml
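Review bot: The new `-t $WAZUH_TEMPLATE` argument on the rewritten `bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh` line is expanded unquoted, so an override containing whitespace is split into several arguments before indexer-ism-init.sh sees it; the same is true of the `-p $INDEXER_PASSWORD` that this line carries over. Quote the new expansion, `-t "$WAZUH_TEMPLATE"`, and fail early when the path does not resolve, `[[ -r "$WAZUH_TEMPLATE" ]] || { echo "template not found: $WAZUH_TEMPLATE" >&2; exit 1; }` placed just before the call, so a missing template is reported here rather than somewhere inside the init script. The password also still travels on a child process's argv, where it is readable from `ps` inside the container; whether indexer-ism-init.sh accepts it from a file or stdin instead is not visible in this patch. The enclosing `if [[ -n "$INDEXER_PASSWORD" ]]` begins in the previous hunk.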
@@ -8,8 +8,6 @@ filebeat.modules: enabled: false setup.template.json.enabled: true -setup.template.json.path: '/etc/filebeat/wazuh-template.json' -setup.template.json.name: 'wazuh' setup.template.overwrite: true setup.ilm.enabled: false output.elasticsearch: From 892822fe293fb98d689c6017db04a51a10581239 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 4 Jan 2024 12:34:10 -0300 Subject: [PATCH 2/8] Update check test --- .github/workflows/push.yml | 41 +++++++++---------- .../wazuh-indexer/config/ism-check.sh | 2 +- 2 files changed, 21 insertions(+), 22 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 51077968..b9a8b215 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -124,6 +124,26 @@ jobs: exit 1 fi + - name: Check Wazuh manager start + run: | + services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`" + if [[ $services -gt 9 ]]; then + echo "Wazuh Manager Services: ${services}" + echo "OK" + else + echo "Wazuh indexer nodes: ${nodes}" + curl -k -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items + exit 1 + fi + env: + TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true") + + - name: Check errors in ossec.log + run: ./.github/single-node-log-check.sh + + - name: Check filebeat output + run: ./.github/single-node-filebeat-check.sh + - name: Check documents into wazuh-alerts index run: | docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" 
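Review bot: With `setup.template.json.path` and `setup.template.json.name` removed, the surviving `setup.template.json.enabled: true` and `setup.template.overwrite: true` no longer name a template to load, so what Filebeat pushes at startup is now unclear; if the intent, matching the ism-check.sh change in this patch, is that the indexer owns wazuh-template.json, Filebeat should not be left able to overwrite it. I would set `setup.template.enabled: false` and `setup.template.overwrite: false` alongside the deletions, or add a comment stating which component is the template's source of truth. Whether Filebeat tolerates `json.enabled: true` with no path I cannot confirm from the hunk; the single-node-filebeat-check.sh step later in this series is the place to watch for it. The surrounding `setup.*` block continues outside the hunk.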
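Review bot: In the moved 'Check Wazuh manager start' step the failure branch prints `echo "Wazuh indexer nodes: ${nodes}"`, copied from the indexer check; `nodes` is not set in this step, so it should read `echo "Wazuh Manager Services: ${services}"`. The `env: TOKEN: $(curl ...)` construction only works because `${{env.TOKEN}}` is pasted verbatim into the `run:` script and the shell then performs the command substitution, so an authentication request is issued at every use and nothing verifies that a token came back. Fetch it once inside `run:` with `TOKEN=$(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")`, follow with `[[ -n "$TOKEN" ]] || exit 1` and `echo "::add-mask::$TOKEN"`, and use `"$TOKEN"` in both curl calls; the API password itself would be better held in a repository secret than in the workflow file. `grep running | wc -l` can be `grep -c running`, and `[[ $services -gt 9 ]]` should quote the expansion. The same block reappears verbatim in patch 3's `@@ -167,6 +148,27 @@` hunk, where all of this applies too.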
@@ -147,27 +167,6 @@ jobs: exit 1 fi - - name: Check Wazuh manager start - run: | - services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`" - if [[ $services -gt 9 ]]; then - echo "Wazuh Manager Services: ${services}" - echo "OK" - else - echo "Wazuh indexer nodes: ${nodes}" - curl -k -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items - exit 1 - fi - env: - TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true") - - - name: Check errors in ossec.log - run: ./.github/single-node-log-check.sh - - - - name: Check filebeat output - run: ./.github/single-node-filebeat-check.sh - - name: Check Wazuh dashboard service URL run: | status=$(curl -XGET --silent https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I -s | grep -E "^HTTP" | awk '{print $2}') diff --git a/build-docker-images/wazuh-indexer/config/ism-check.sh b/build-docker-images/wazuh-indexer/config/ism-check.sh index a913c7b0..6aef3ee5 100644 --- a/build-docker-images/wazuh-indexer/config/ism-check.sh +++ b/build-docker-images/wazuh-indexer/config/ism-check.sh @@ -12,4 +12,4 @@ if [[ -n "$INDEXER_PASSWORD" ]]; then sleep 30 done bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh -p $INDEXER_PASSWORD -i $SERVER -P $ISM_PRIORITY -d $MIN_DOC_COUNT -a $MIN_INDEX_AGE -s $MIN_SHARD_SIZE -t $WAZUH_TEMPLATE -fi \ No newline at end of file +fi From caddf2893a37f7474a056cb562fe3236f41025c6 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 4 Jan 2024 13:02:39 -0300 Subject: [PATCH 3/8] Testing with sleep --- .github/workflows/push.yml | 43 ++++++++++++++++++++------------------ 1 file changed, 23 insertions(+), 20 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index b9a8b215..f292275c 100644 
--- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -124,28 +124,9 @@ jobs: exit 1 fi - - name: Check Wazuh manager start - run: | - services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`" - if [[ $services -gt 9 ]]; then - echo "Wazuh Manager Services: ${services}" - echo "OK" - else - echo "Wazuh indexer nodes: ${nodes}" - curl -k -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items - exit 1 - fi - env: - TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true") - - - name: Check errors in ossec.log - run: ./.github/single-node-log-check.sh - - - name: Check filebeat output - run: ./.github/single-node-filebeat-check.sh - - name: Check documents into wazuh-alerts index run: | + sleep 120 docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" if [[ $docs -gt 100 ]]; then echo "wazuh-alerts index documents: ${docs}" 
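Review bot: The added `sleep 120` ahead of the `docs=` query is an unconditional delay: every run pays two minutes, and a slower indexer still fails the step, which is the flakiness this "Testing with sleep" patch is working around. A bounded poll is both faster and more tolerant; replace the sleep and the `docs=` line with `for _ in {1..24}; do docs=$(curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"); [[ "${docs:-0}" -gt 100 ]] && break; sleep 5; done`, which keeps the same 120 s ceiling and exits as soon as documents arrive. The identical `sleep 120` is added to the multi-node job in this patch's `@@ -249,6 +251,7 @@` hunk and can take the same loop. The `run:` block continues beyond the hunk.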
@@ -167,6 +148,27 @@ jobs: exit 1 fi + - name: Check Wazuh manager start + run: | + services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`" + if [[ $services -gt 9 ]]; then + echo "Wazuh Manager Services: ${services}" + echo "OK" + else + echo "Wazuh indexer nodes: ${nodes}" + curl -k -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items + exit 1 + fi + env: + TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true") + + - name: Check errors in ossec.log + run: ./.github/single-node-log-check.sh + + + - name: Check filebeat output + run: ./.github/single-node-filebeat-check.sh + - name: Check Wazuh dashboard service URL run: | status=$(curl -XGET --silent https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I -s | grep -E "^HTTP" | awk '{print $2}') @@ -249,6 +251,7 @@ jobs: - name: Check documents into wazuh-alerts index run: | + sleep 120 docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" if [[ $docs -gt 100 ]]; then echo "wazuh-alerts index documents: ${docs}" From b2ef887f66c3ce4712971f862e471761dcd7f9d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 9 Jan 2024 10:47:19 -0300 Subject: [PATCH 4/8] Bump revision for 4.8.0-alpha2 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index ad87fa06..1188330c 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.8.0" -REVISION="40800" +REVISION="40802" From adba797c5432d69ebf777dfed4e41f8c7b2b27ff Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Tue, 16 Jan 2024 12:40:17 -0300 Subject: [PATCH 5/8] add xz-utils install --- build-docker-images/wazuh-manager/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index a18bbe82..e9f22a0b 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -10,7 +10,7 @@ ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 ARG WAZUH_FILEBEAT_MODULE -RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y +RUN apt-get update && apt install curl apt-transport-https lsb-release xz-utils gnupg -y COPY config/check_repository.sh / RUN chmod 775 /check_repository.sh From 114d6edff21c3ba2df275167c24c3f2be36bd96d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Mon, 29 Jan 2024 15:48:48 -0300 Subject: [PATCH 6/8] Indexer tag and wazuh-keystore updates --- .../wazuh-manager/config/etc/cont-init.d/2-manager | 3 ++- multi-node/config/wazuh_cluster/wazuh_manager.conf | 2 -- multi-node/config/wazuh_cluster/wazuh_worker.conf | 2 -- single-node/config/wazuh_cluster/wazuh_manager.conf | 2 -- 4 files changed, 2 insertions(+), 7 deletions(-) diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager index f0cf6ec3..dd14d74f 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager @@ -115,7 +115,8 @@ function_entrypoint_scripts() { function_configure_vulnerability_detection() { if [ "$INDEXER_PASSWORD" != "" ]; then >&2 echo "Configuring password." - sed -i "s|VDPass|$INDEXER_PASSWORD|g" /var/ossec/etc/ossec.conf + /var/ossec/bin/wazuh-keystore -f indexer -k user -v $INDEXER_USERNAME + /var/ossec/bin/wazuh-keystore -f indexer -k password -v $INDEXER_PASSWORD fi } 
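Review bot: The rewritten RUN line keeps `apt install` rather than `apt-get install`; `apt` warns that its CLI is not stable for scripted use, and the layer retains the package lists it just fetched. Since the line is being edited anyway, `RUN apt-get update && apt-get install -y --no-install-recommends curl apt-transport-https lsb-release xz-utils gnupg && rm -rf /var/lib/apt/lists/*` keeps the image smaller and the build deterministic, provided nothing downstream relies on recommended packages (not verifiable from this hunk). A short comment naming what xz-utils is needed for would help, since the commit message says only "add xz-utils install".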
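Review bot: The two new `wazuh-keystore` calls pass `$INDEXER_USERNAME` and `$INDEXER_PASSWORD` unquoted, and the guard on the line above checks only `INDEXER_PASSWORD`, so an unset username leaves `-k user -v` with no value (how wazuh-keystore handles that is not visible here) and a password containing spaces or glob characters is split before the binary sees it; quote both, `-v "$INDEXER_USERNAME"` and `-v "$INDEXER_PASSWORD"`, and extend the guard to require both variables. Neither call's exit status is checked, so a failed keystore write is silent and the manager starts without indexer credentials; append `|| { >&2 echo "wazuh-keystore failed"; exit 1; }` or whatever error convention the rest of 2-manager uses (outside the hunk). Replacing the `sed` into ossec.conf with the keystore is an improvement, but the secret still travels on a child process's argv, where it is visible to anything that can read /proc inside the container. Patch 7's hunk on the same lines (`-k user` to `-k username`) inherits all of this.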
diff --git a/multi-node/config/wazuh_cluster/wazuh_manager.conf b/multi-node/config/wazuh_cluster/wazuh_manager.conf index 1ec10630..92e5662f 100644 --- a/multi-node/config/wazuh_cluster/wazuh_manager.conf +++ b/multi-node/config/wazuh_cluster/wazuh_manager.conf @@ -108,8 +108,6 @@ https://wazuh2.indexer:9200 https://wazuh3.indexer:9200 - admin - VDPass /etc/ssl/root-ca.pem diff --git a/multi-node/config/wazuh_cluster/wazuh_worker.conf b/multi-node/config/wazuh_cluster/wazuh_worker.conf index 9d277622..b49aa071 100644 --- a/multi-node/config/wazuh_cluster/wazuh_worker.conf +++ b/multi-node/config/wazuh_cluster/wazuh_worker.conf @@ -108,8 +108,6 @@ https://wazuh2.indexer:9200 https://wazuh3.indexer:9200 - admin - VDPass /etc/ssl/root-ca.pem diff --git a/single-node/config/wazuh_cluster/wazuh_manager.conf b/single-node/config/wazuh_cluster/wazuh_manager.conf index 9dd0990c..64da4d81 100644 --- a/single-node/config/wazuh_cluster/wazuh_manager.conf +++ b/single-node/config/wazuh_cluster/wazuh_manager.conf @@ -106,8 +106,6 @@ https://wazuh.indexer:9200 - admin - VDPass /etc/ssl/root-ca.pem From ec63264545aa70bfd14f4df04eb151cbba82f43e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 31 Jan 2024 09:23:50 -0300 Subject: [PATCH 7/8] Changed user for username in the wazuh-keystore command --- .../wazuh-manager/config/etc/cont-init.d/2-manager | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager index dd14d74f..0bd90fd6 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager 
@@ -115,7 +115,7 @@ function_entrypoint_scripts() {
 function_configure_vulnerability_detection() {
 if [ "$INDEXER_PASSWORD" != "" ]; then
 >&2 echo "Configuring password."
- /var/ossec/bin/wazuh-keystore -f indexer -k user -v $INDEXER_USERNAME
+ /var/ossec/bin/wazuh-keystore -f indexer -k username -v $INDEXER_USERNAME
 /var/ossec/bin/wazuh-keystore -f indexer -k password -v $INDEXER_PASSWORD
 fi
 }
From 174ae3d14c1c5b400c70e9f1aa9ea259c5289538 Mon Sep 17 00:00:00 2001
From: vcerenu
Date: Mon, 5 Feb 2024 04:55:41 -0300
Subject: [PATCH 8/8] bump revision
---
 VERSION | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/VERSION b/VERSION
index 1188330c..55b3e097 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
 WAZUH-DOCKER_VERSION="4.8.0"
-REVISION="40802"
+REVISION="40803"