Adding support for ES and OD on Github Action tests

.github/workflows/main.yml

@@ -9,33 +9,69 @@ jobs:
     steps:
     - name: Check out code
       uses: actions/checkout@v2
-    - name: Build and launch Linting test
-      uses: './.github/actions/validate_module'
-    - name: Amazon linux - (Manager + Agent)
+    # - name: Build and launch Linting test
+    #   uses: './.github/actions/validate_module'
+    - name: Amazon linux - (Manager + Agent + ES)
       uses: './.github/actions/test_manager_and_agent'
       env:
         IMAGE: diodonfrost/amazonlinux-2-puppet
         PLATFORM: rhel
         RELEASE: latest
         RUN_COMMAND: /usr/sbin/init
-    - name: CentOS 7 - (Manager + Agent)
+        ELASTIC_INSTALL_TYPE: elastic_licensed
+    - name: CentOS 7 - (Manager + Agent + ES)
       uses: './.github/actions/test_manager_and_agent'
       env:
         IMAGE: centos/systemd:latest
         PLATFORM: centos
         RELEASE: 7
         RUN_COMMAND: /sbin/init
-    - name: Ubuntu 16.04 - (Manager + Agent)
+        ELASTIC_INSTALL_TYPE: elastic_licensed
+    - name: Ubuntu 16.04 - (Manager + Agent + ES)
       uses: './.github/actions/test_manager_and_agent'
       env:
         IMAGE: jrei/systemd-ubuntu:16.04
         PLATFORM: ubuntu
         RELEASE: 16
         RUN_COMMAND: /sbin/init
-    - name: Ubuntu 18.04 - (Manager + Agent)
+        ELASTIC_INSTALL_TYPE: elastic_licensed
+    - name: Ubuntu 18.04 - (Manager + Agent + ES)
       uses: './.github/actions/test_manager_and_agent'
       env:
         IMAGE: jrei/systemd-ubuntu:18.04
         PLATFORM: ubuntu
         RELEASE: 18
         RUN_COMMAND: /sbin/init
+        ELASTIC_INSTALL_TYPE: elastic_licensed
+    - name: Amazon linux - (Manager + Agent + OD)
+      uses: './.github/actions/test_manager_and_agent'
+      env:
+        IMAGE: diodonfrost/amazonlinux-2-puppet
+        PLATFORM: rhel
+        RELEASE: latest
+        RUN_COMMAND: /usr/sbin/init
+        ELASTIC_INSTALL_TYPE: opendistro
+    - name: CentOS 7 - (Manager + Agent + OD)
+      uses: './.github/actions/test_manager_and_agent'
+      env:
+        IMAGE: centos/systemd:latest
+        PLATFORM: centos
+        RELEASE: 7
+        RUN_COMMAND: /sbin/init
+        ELASTIC_INSTALL_TYPE: opendistro
+    - name: Ubuntu 16.04 - (Manager + Agent + OD)
+      uses: './.github/actions/test_manager_and_agent'
+      env:
+        IMAGE: jrei/systemd-ubuntu:16.04
+        PLATFORM: ubuntu
+        RELEASE: 16
+        RUN_COMMAND: /sbin/init
+        ELASTIC_INSTALL_TYPE: opendistro
+    - name: Ubuntu 18.04 - (Manager + Agent + OD)
+      uses: './.github/actions/test_manager_and_agent'
+      env:
+        IMAGE: jrei/systemd-ubuntu:18.04
+        PLATFORM: ubuntu
+        RELEASE: 18
+        RUN_COMMAND: /sbin/init
+        ELASTIC_INSTALL_TYPE: opendistro

README.md

@@ -107,7 +107,7 @@ This Puppet module has been authored by Nicolas Zin, and updated by Jonathan Gaz
 ## License and copyright
 
 WAZUH
-Copyright (C) 2019 Wazuh Inc.  (License GPLv2)
+Copyright (C) 2020 Wazuh Inc.  (License GPLv2)
 
 Based on OSSEC
 Copyright (C) 2015 Trend Micro Inc.

kitchen/kitchen.yml

@@ -16,7 +16,7 @@ platforms:
     driver_config:
       image: <%= ENV['IMAGE'] %>
       platform: <%= ENV['PLATFORM'] %>
-      hostname: manager_<%= ENV['PLATFORM'] %>_<%= ENV['RELEASE'] %>
+      hostname: manager_<%= ENV['ELASTIC_INSTALL_TYPE'] %>_<%= ENV['PLATFORM'] %>_<%= ENV['RELEASE'] %>
       run_command: <%= ENV['RUN_COMMAND'] %>
       privileged: true
       volume:
@@ -36,7 +36,7 @@ platforms:
       provision_command:
         - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
 suites:
-  - name: mngr
+  - name: mngr_<%= ENV['ELASTIC_INSTALL_TYPE'] %>
     manifest: site.pp
     verifier:
       name: inspec
@@ -49,3 +49,10 @@ suites:
       name: inspec
     includes:
       - <%= ENV['PLATFORM'] %>_<%= ENV['RELEASE'] %>_agent-kitchen_puppet
+
+  # - name: elastic
+  #   manifest: site.pp
+  #   verifier:
+  #     name: inspec
+  #   includes:
+  #     - <%= ENV['PLATFORM'] %>_<%= ENV['RELEASE'] %>_manager_kitchen_puppet

kitchen/manifests/site.pp.template

@@ -1,6 +1,25 @@
-node /^manager/ {
-  class { 'wazuh::manager':}
+node /^manager_elastic_licensed/ {
+  class { 'wazuh::manager':
+        } ->
+  class { 'wazuh::filebeat':
+        } ->
+  class { 'wazuh::elasticsearch':
+        } ->
+  class { 'wazuh::kibana':
+        }
 }
+
+node /^manager_opendistro/ {
+  class { 'wazuh::manager':
+        } ->
+  class { 'wazuh::filebeat_oss':
+        } ->
+  class { 'wazuh::opendistro':
+        } ->
+  class { 'wazuh::kibana_od':
+        }
+}
+
 node /^agent/ {
   class { 'wazuh::agent':
         wazuh_register_endpoint => 'manager_ip',

kitchen/test/integration/agent/agent_spec.rb

@@ -1,27 +1,26 @@
-describe do
-  describe package('wazuh-agent') do
-    it { is_expected.to be_installed }
-    its('version') { is_expected.to eq '3.13.1-1' }
-  end
+describe package('wazuh-agent') do
+  it { is_expected.to be_installed }
+  its('version') { is_expected.to eq '3.13.1-1' }
+end
 
-  describe service('wazuh-agent') do
-    it { is_expected.to be_installed }
-    it { is_expected.to be_enabled }
-    it { is_expected.to be_running }
-  end
+describe service('wazuh-agent') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
 
-  # Verifying daemons
+# Verifying daemons
 
-  wazuh_daemons = {
-    'ossec-agentd' => 'ossec',
-    'ossec-execd' => 'root',
-    'ossec-syscheckd' => 'root',
-    'wazuh-modulesd' => 'root',
-  }
+wazuh_daemons = {
+  'ossec-agentd' => 'ossec',
+  'ossec-execd' => 'root',
+  'ossec-syscheckd' => 'root',
+  'wazuh-modulesd' => 'root',
+}
 
-  wazuh_daemons.each do |key, value|
-    describe processes(key) do
-      its('users') { is_expected.to eq [value] }
-    end
+wazuh_daemons.each do |key, value|
+  describe processes(key) do
+    its('users') { is_expected.to eq [value] }
   end
 end
+

kitchen/test/integration/mngr_elastic_licensed/manager_spec.rb

@@ -0,0 +1,84 @@
+describe package('wazuh-manager') do
+  it { is_expected.to be_installed }
+  its('version') { is_expected.to eq '3.13.1-1' }
+end
+
+describe service('wazuh-manager') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
+
+# Verifying daemons
+
+wazuh_daemons = {
+  'ossec-authd' => 'root',
+  'ossec-execd' => 'root',
+  'ossec-analysisd' => 'ossec',
+  'ossec-syscheckd' => 'root',
+  'ossec-remoted' => 'ossecr',
+  'ossec-logcollector' => 'root',
+  'ossec-monitord' => 'ossec',
+  'wazuh-db' => 'ossec',
+  'wazuh-modulesd' => 'root',
+}
+
+wazuh_daemons.each do |key, value|
+  describe processes(key) do
+    its('users') { is_expected.to eq [value] }
+  end
+end
+
+describe service('filebeat') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
+
+describe service('elasticsearch') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
+
+describe service('kibana') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
+
+if os.family == 'debian'
+  describe package('filebeat') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '7.8.1' }
+  end
+
+  describe package('elasticsearch') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '7.8.1' }
+  end
+
+  describe package('kibana') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '7.8.1' }
+  end
+elsif os.family == 'redhat'
+  describe package('filebeat') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '7.8.1-1' }
+  end
+
+  describe package('elasticsearch') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '7.8.1-1' }
+  end
+
+  describe package('kibana') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '7.8.1-1' }
+  end
+end
+
+describe http('http://localhost:9200') do
+  its('status') { should cmp 200 }
+end

kitchen/test/integration/mngr_opendistro/manager_spec.rb

@@ -0,0 +1,88 @@
+describe package('wazuh-manager') do
+  it { is_expected.to be_installed }
+  its('version') { is_expected.to eq '3.13.1-1' }
+end
+
+describe service('wazuh-manager') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
+
+# Verifying daemons
+
+wazuh_daemons = {
+  'ossec-authd' => 'root',
+  'ossec-execd' => 'root',
+  'ossec-analysisd' => 'ossec',
+  'ossec-syscheckd' => 'root',
+  'ossec-remoted' => 'ossecr',
+  'ossec-logcollector' => 'root',
+  'ossec-monitord' => 'ossec',
+  'wazuh-db' => 'ossec',
+  'wazuh-modulesd' => 'root',
+}
+
+wazuh_daemons.each do |key, value|
+  describe processes(key) do
+    its('users') { is_expected.to eq [value] }
+  end
+end
+
+describe service('filebeat') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
+
+describe service('elasticsearch') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
+
+describe service('kibana') do
+  it { is_expected.to be_installed }
+  it { is_expected.to be_enabled }
+  it { is_expected.to be_running }
+end
+
+if os.family == 'debian'
+  describe package('filebeat') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '7.8.0' }
+  end
+
+  describe package('opendistroforelasticsearch') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '1.9.0-1' }
+  end
+
+  describe package('opendistroforelasticsearch-kibana') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '1.9.0' }
+  end
+elsif os.family == 'redhat'
+  describe package('filebeat') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '7.8.0-1' }
+  end
+
+  describe package('opendistroforelasticsearch') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '1.9.0-1' }
+  end
+
+  describe package('opendistroforelasticsearch-kibana') do
+    it { is_expected.to be_installed }
+    its('version') { is_expected.to eq '1.9.0-1' }
+  end
+end
+
+describe http('https://localhost:9200', auth: {user: 'admin', pass: 'admin'}, ssl_verify: false) do
+  its('status') { should cmp 200 }
+end
+
+# describe http('http://localhost:5601/login') do
+#   its('status', retry: 20, retry_wait: 5) { should cmp 200 }
+# end