Merge pull request #1 from NeowayLabs/new-ansible-role-for-wazuh-agent

First version of the Wazuh Client role

CHANGELOG.md

@@ -0,0 +1,5 @@
+# Changelog
+
+## [1.0.0] - 2022-06-02
+### Added
+- Initial version [@marcelokkruger](https://github.com/marcelokkruger/).

README.md

@@ -1,2 +1,64 @@
 # ansible-wazuh-agent
+
+[![License](https://img.shields.io/badge/license-Apache--2.0-brightgreen?style=flat)](https://opensource.org/licenses/Apache-2.0)
+
 This role is used for installing and configuring the Wazuh client on Ubuntu and RedHat based operating systems.
+
+Restrictions for this library are in:
+
+* CentOS 7 or Rocky Linux 8
+* Ubuntu distribution, recommended versions above 18.04
+
+This role was developed following the instructions available on the Wazuh
+
+https://documentation.wazuh.com/current/installation-guide/wazuh-agent/index.html
+
+And using the role as a base
+
+https://github.com/lotusnoir/ansible-apps_wazuh_agent
+
+## Role Variables (default values)
+
+```yaml
+wazuh_version: "4.x"
+wazuh_manager_ip: ""
+wazuh_manager_port: "1514"
+wazuh_registration_port: "1515"
+wazuh_manager_protocol: "tcp"
+wazuh_agent_group: "server-linux"
+wazuh_registration_password: ""
+```
+
+### Example Playbook
+
+```yaml
+- name: Install and Configure Wazuh Agent
+  hosts: all
+  roles:
+    - role: "ansible-wazuh-agent"
+  vars:
+    - wazuh_manager_ip: "127.0.0.1"
+    - wazuh_registration_password: "XXXXXXXXXXXXX"
+```
+
+## To run tests on molecule
+
+Packages needed to install
+
+* molecule
+* molecule-docker
+* molecule-goss
+
+Run the commands to install
+
+```
+pip install molecule
+pip install molecule-docker
+pip install molecule-goss
+```
+
+To run the test run the command below
+
+```
+molecule test
+```

defaults/main.yml

@@ -0,0 +1,8 @@
+---
+wazuh_version: "4.x"
+wazuh_manager_ip: ""
+wazuh_manager_port: "1514"
+wazuh_registration_port: "1515"
+wazuh_manager_protocol: "tcp"
+wazuh_agent_group: "server-linux"
+wazuh_registration_password: ""

handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: restart wazuh-agent
+  service: name=wazuh-agent state=restarted

meta/main.yml

@@ -0,0 +1,37 @@
+---
+galaxy_info:
+  author: NeowayLabs
+  role_name: wazuh_agent
+  namespace: neowaylabs
+  description: "This role is used for installing and configuring the Wazuh client on Ubuntu and RedHat based operating systems."
+  license: "Apache License, Version 2.0"
+  min_ansible_version: 2.8
+
+  platforms:
+    - name: "Ubuntu"
+      versions:
+        - "focal"
+        - "bionic"
+        - "impish"
+        - "jammy"
+        - "kinetic"
+    - name: "Debian"
+      versions:
+        - "bullseye"
+        - "buster"
+    - name: "RedHat"
+      versions:
+        - "Maipo"
+    - name: "CentOS"
+      versions:
+        - "7"
+    - name: "Rocky"
+      versions:
+        - "8"
+
+  galaxy_tags:
+    - security
+    - wazuh
+    - agent
+
+dependencies: []

molecule/default/Dockerfile.j2

@@ -0,0 +1,16 @@
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.debian is defined %}
+RUN apt-get -y update
+RUN apt-get -y install python3 procps
+{% elif item.image == 'centos:7' %}
+RUN yum -y update
+RUN yum -y install dfn python python-dnf
+{% else %}
+RUN yum -y update
+RUN yum -y install python3 python3-dnf
+{% endif %}

molecule/default/converge.yml

@@ -0,0 +1,7 @@
+---
+- name: Run role wazuh_agent
+  hosts: all
+  vars:
+    wazuh_manager_ip: localhost
+  roles:
+    - role: ansible-wazuh-agent

molecule/default/molecule.yml

@@ -0,0 +1,111 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: docker
+platforms:
+  - name: ubuntu18-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    debian: true
+    image: ubuntu:bionic
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+  - name: ubuntu20-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    debian: true
+    image: ubuntu:focal
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    groups:
+      - python3
+  - name: ubuntu21-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    debian: true
+    image: ubuntu:impish
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    groups:
+      - python3
+  - name: ubuntu22-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    debian: true
+    image: ubuntu:jammy
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    groups:
+      - python3
+  - name: ubuntu2210-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    debian: true
+    image: ubuntu:kinetic
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    groups:
+      - python3
+  - name: debian10-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    debian: true
+    image: debian:buster
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+  - name: debian11-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    debian: true
+    image: debian:bullseye
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+  - name: centos7-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    image: centos:7
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+  - name: rocky8-wazuh-agent
+    dockerfile: Dockerfile.j2
+    pre_build_image: false
+    image: rockylinux:8
+    docker_host: "${DOCKER_HOST:-unix://var/run/docker.sock}"
+    privileged: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    groups:
+      - python3
+provisioner:
+  name: ansible
+  playbooks:
+    prepare: prepare.yml
+    converge: converge.yml
+    verify: verify.yml
+  inventory:
+    group_vars:
+      python3:
+        ansible_python_interpreter: /usr/bin/python3
+    host_vars:
+      bullseye:
+        ansible_python_interpreter: "/usr/bin/python3.9"
+
+verifier:
+  name: goss

molecule/default/prepare.yml

@@ -0,0 +1,9 @@
+---
+- name: Prepare
+  hosts: all
+  gather_facts: true
+  tasks:
+    - name: Update apt cache.
+      apt: update_cache=yes cache_valid_time=600
+      when: ansible_os_family == 'Debian'
+      changed_when: false

molecule/default/tests/test_default.yml

@@ -0,0 +1,5 @@
+---
+service:
+  wazuh-agent:
+    enabled: true
+    running: true

molecule/default/verify.yml

@@ -0,0 +1,95 @@
+---
+- name: Verify
+  hosts: all
+  become: true
+  vars:
+    goss_version: v0.3.16
+    goss_arch: amd64
+    goss_bin: /usr/local/bin/goss
+    goss_test_directory: /tmp/molecule/goss
+    goss_format: documentation
+  tasks:
+    - name: Include roles' meta data
+      include_vars:
+        file: "../../meta/main.yml"
+    - name: Test the distribution is supported. End the host if not.
+      set_fact:
+        supported_distributions: "{{ galaxy_info.platforms|json_query('[].name') }}"
+    - block:
+        - name: Ending play...
+          meta: end_host
+      when: ansible_distribution not in supported_distributions
+    - name: Test the release is supported. End the host if not.
+      set_fact:
+        supported_releases: "{{ (galaxy_info.platforms| selectattr('name', 'match', ansible_distribution)| list|first).versions }}"
+    - block:
+        - name: Ending play...
+          meta: end_host
+      when: ansible_distribution_release not in supported_releases and ansible_distribution_major_version not in supported_releases
+
+    - name: Install ca-certificates
+      package:
+        name: ca-certificates
+        state: present
+
+    - name: Download and install Goss
+      get_url:
+        url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
+        dest: "{{ goss_bin }}"
+        mode: 0755
+
+    - name: Create Molecule directory for test files
+      file:
+        path: "{{ goss_test_directory }}"
+        state: directory
+        mode: '0755'
+
+    - name: Find Goss tests on localhost
+      find:
+        paths: "{{ lookup('env', 'MOLECULE_VERIFIER_TEST_DIRECTORY') }}"
+        patterns:
+          - "test[-.\\w]*.yml"
+          - "test_host_{{ ansible_hostname }}[-.\\w]*.yml"
+        excludes:
+          - "test_host_(?!{{ ansible_hostname }})[-.\\w]*.yml"
+        use_regex: true
+      delegate_to: localhost
+      register: test_files
+      changed_when: false
+      become: false
+
+    - name: debug
+      debug:
+        msg: "{{ test_files.files }}"
+        verbosity: 3
+
+    - name: Copy Goss tests to remote
+      copy:
+        src: "{{ item.path }}"
+        dest: "{{ goss_test_directory }}/{{ item.path | basename }}"
+        mode: '0644'
+      with_items:
+        - "{{ test_files.files }}"
+
+    - name: Register test files
+      shell: "ls {{ goss_test_directory }}/test_*.yml"
+      register: test_files
+      changed_when: false
+
+    - name: Execute Goss tests
+      command: "{{ goss_bin }} -g {{ item }} validate --format {{ goss_format }}"
+      register: test_results
+      with_items: "{{ test_files.stdout_lines }}"
+      failed_when: false
+      changed_when: false
+
+    - name: Display details about the Goss results
+      debug:
+        msg: "{{ item.stdout_lines }}"
+      with_items: "{{ test_results.results }}"
+
+    - name: Fail when tests fail
+      fail:
+        msg: "Goss failed to validate"
+      when: item.rc != 0
+      with_items: "{{ test_results.results }}"