From 1a9fc1d1505d2ac482dca4dcb9ae6f57373a5947 Mon Sep 17 00:00:00 2001 From: Tostti Date: Wed, 9 Aug 2023 17:05:29 -0300 Subject: [PATCH 01/10] Fix year in PDF footer --- common/constants.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/constants.ts b/common/constants.ts index 5744bb45b3..98e143cc75 100644 --- a/common/constants.ts +++ b/common/constants.ts @@ -278,7 +278,7 @@ export const ASSETS_PUBLIC_URL = '/plugins/wazuh/public/assets/'; // Reports export const REPORTS_LOGO_IMAGE_ASSETS_RELATIVE_PATH = 'images/logo_reports.png'; export const REPORTS_PRIMARY_COLOR = '#256BD1'; -export const REPORTS_PAGE_FOOTER_TEXT = 'Copyright © 2022 Wazuh, Inc.'; +export const REPORTS_PAGE_FOOTER_TEXT = 'Copyright © 2023 Wazuh, Inc.'; export const REPORTS_PAGE_HEADER_TEXT = 'info@wazuh.com\nhttps://wazuh.com'; // Plugin platform From a9e024119e717522fd0490e650e5f956b76b34dd Mon Sep 17 00:00:00 2001 From: Tostti Date: Wed, 9 Aug 2023 17:10:28 -0300 Subject: [PATCH 02/10] Modify changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2d431e1364..5fbd0d6fb1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ All notable changes to the Wazuh app project will be documented in this file. - Fixed the agents active coverage stat as NaN in Details panel of Agents section [#5490](https://github.com/wazuh/wazuh-kibana-app/pull/5490) - Fixed a broken documentation link to agent labels [#5687](https://github.com/wazuh/wazuh-kibana-app/pull/5687) - Fixed the PDF report filters applied to tables [#5714](https://github.com/wazuh/wazuh-kibana-app/pull/5714) +- Fixed outdated year in the PDF report footer [#5766](https://github.com/wazuh/wazuh-kibana-app/pull/5766) ### Removed From 382c59e6409d1d87a5ce4da9becbd6fef6d809dd Mon Sep 17 00:00:00 2001 From: Tostti Date: Wed, 9 Aug 2023 17:26:17 -0300 Subject: [PATCH 03/10] Change tests to match the new value --- common/services/settings.test.ts | 115 ++++++++++++++++--------------- 1 file changed, 61 insertions(+), 54 deletions(-) diff --git a/common/services/settings.test.ts b/common/services/settings.test.ts index eeee05d52b..21efe9e414 100644 --- a/common/services/settings.test.ts +++ b/common/services/settings.test.ts @@ -1,60 +1,67 @@ import { - formatLabelValuePair, - formatSettingValueToFile, - getCustomizationSetting -} from "./settings"; + formatLabelValuePair, + formatSettingValueToFile, + getCustomizationSetting, +} from './settings'; describe('[settings] Methods', () => { + describe('formatLabelValuePair: Format the label-value pairs used to display the allowed values', () => { + it.each` + label | value | expected + ${'TestLabel'} | ${true} | ${'true (TestLabel)'} + ${'true'} | ${true} | ${'true'} + `( + `label: $label | value: $value | expected: $expected`, + ({ label, expected, value }) => { + expect(formatLabelValuePair(label, value)).toBe(expected); + }, + ); + }); - describe('formatLabelValuePair: Format the label-value pairs used to display the allowed values', () => { - it.each` - label | value | expected - ${'TestLabel'} | ${true} | ${'true (TestLabel)'} - ${'true'} | ${true} | ${'true'} - `(`label: $label | value: $value | expected: $expected`, ({ label, expected, value }) => { - expect(formatLabelValuePair(label, value)).toBe(expected); - }); - }); + describe('formatSettingValueToFile: Format setting values to save in the configuration file', () => { + it.each` + input | expected + ${'test'} | ${'"test"'} + ${'test space'} | ${'"test space"'} + ${'test\nnew line'} | ${'"test\\nnew line"'} + ${''} | ${'""'} + ${1} | ${1} + ${true} | ${true} + ${false} | ${false} + ${['test1']} | ${'["test1"]'} + ${['test1', 'test2']} | ${'["test1","test2"]'} + `(`input: $input | expected: $expected`, ({ input, expected }) => { + expect(formatSettingValueToFile(input)).toBe(expected); + }); + }); - describe('formatSettingValueToFile: Format setting values to save in the configuration file', () => { - it.each` - input | expected - ${'test'} | ${'\"test\"'} - ${'test space'} | ${'\"test space\"'} - ${'test\nnew line'} | ${'\"test\\nnew line\"'} - ${''} | ${'\"\"'} - ${1} | ${1} - ${true} | ${true} - ${false} | ${false} - ${['test1']} | ${'[\"test1\"]'} - ${['test1', 'test2']} | ${'[\"test1\",\"test2\"]'} - `(`input: $input | expected: $expected`, ({ input, expected }) => { - expect(formatSettingValueToFile(input)).toBe(expected); - }); - }); - - describe('getCustomizationSetting: Get the value for the "customization." settings depending on the "customization.enabled" setting', () => { - it.each` - customizationEnabled | settingKey | configValue | expected - ${true} | ${'customization.logo.app'} | ${'custom-image-app.png'} | ${'custom-image-app.png'} - ${true} | ${'customization.logo.app'} | ${''} | ${''} - ${false} | ${'customization.logo.app'} | ${'custom-image-app.png'} | ${''} - ${false} | ${'customization.logo.app'} | ${''} | ${''} - ${true} | ${'customization.reports.footer'} | ${'Custom footer'} | ${'Custom footer'} - ${true} | ${'customization.reports.footer'} | ${''} | ${'Copyright © 2022 Wazuh, Inc.'} - ${false} | ${'customization.reports.footer'} | ${'Custom footer'} | ${'Copyright © 2022 Wazuh, Inc.'} - ${false} | ${'customization.reports.footer'} | ${''} | ${'Copyright © 2022 Wazuh, Inc.'} - ${false} | ${'customization.reports.footer'} | ${''} | ${'Copyright © 2022 Wazuh, Inc.'} - ${true} | ${'customization.reports.header'} | ${'Custom header'} | ${'Custom header'} - ${true} | ${'customization.reports.header'} | ${''} | ${'info@wazuh.com\nhttps://wazuh.com'} - ${false} | ${'customization.reports.header'} | ${'Custom header'} | ${'info@wazuh.com\nhttps://wazuh.com'} - ${false} | ${'customization.reports.header'} | ${''} | ${'info@wazuh.com\nhttps://wazuh.com'} - `(`customizationEnabled: $customizationEnabled | settingKey: $settingKey | configValue: $configValue | expected: $expected`, ({ configValue, customizationEnabled, expected, settingKey }) => { - const configuration = { - 'customization.enabled': customizationEnabled, - [settingKey]: configValue - }; - expect(getCustomizationSetting(configuration, settingKey)).toBe(expected); - }); - }); + describe('getCustomizationSetting: Get the value for the "customization." settings depending on the "customization.enabled" setting', () => { + it.each` + customizationEnabled | settingKey | configValue | expected + ${true} | ${'customization.logo.app'} | ${'custom-image-app.png'} | ${'custom-image-app.png'} + ${true} | ${'customization.logo.app'} | ${''} | ${''} + ${false} | ${'customization.logo.app'} | ${'custom-image-app.png'} | ${''} + ${false} | ${'customization.logo.app'} | ${''} | ${''} + ${true} | ${'customization.reports.footer'} | ${'Custom footer'} | ${'Custom footer'} + ${true} | ${'customization.reports.footer'} | ${''} | ${'Copyright © 2023 Wazuh, Inc.'} + ${false} | ${'customization.reports.footer'} | ${'Custom footer'} | ${'Copyright © 2023 Wazuh, Inc.'} + ${false} | ${'customization.reports.footer'} | ${''} | ${'Copyright © 2023 Wazuh, Inc.'} + ${false} | ${'customization.reports.footer'} | ${''} | ${'Copyright © 2023 Wazuh, Inc.'} + ${true} | ${'customization.reports.header'} | ${'Custom header'} | ${'Custom header'} + ${true} | ${'customization.reports.header'} | ${''} | ${'info@wazuh.com\nhttps://wazuh.com'} + ${false} | ${'customization.reports.header'} | ${'Custom header'} | ${'info@wazuh.com\nhttps://wazuh.com'} + ${false} | ${'customization.reports.header'} | ${''} | ${'info@wazuh.com\nhttps://wazuh.com'} + `( + `customizationEnabled: $customizationEnabled | settingKey: $settingKey | configValue: $configValue | expected: $expected`, + ({ configValue, customizationEnabled, expected, settingKey }) => { + const configuration = { + 'customization.enabled': customizationEnabled, + [settingKey]: configValue, + }; + expect(getCustomizationSetting(configuration, settingKey)).toBe( + expected, + ); + }, + ); + }); }); From 7090dfc2def6fe41135bb3ae798246725a0ea2c5 Mon Sep 17 00:00:00 2001 From: Tostti Date: Wed, 9 Aug 2023 17:36:24 -0300 Subject: [PATCH 04/10] Change md5 in reporting test --- docker/osd-dev/config/2.x/osd/wazuh.yml | 8 +- docker/osd-dev/dev.yml | 242 ++++++++++++++---------- server/routes/wazuh-reporting.test.ts | 134 +++++++++---- 3 files changed, 242 insertions(+), 142 deletions(-) diff --git a/docker/osd-dev/config/2.x/osd/wazuh.yml b/docker/osd-dev/config/2.x/osd/wazuh.yml index 76c3a973ab..ca731337c7 100755 --- a/docker/osd-dev/config/2.x/osd/wazuh.yml +++ b/docker/osd-dev/config/2.x/osd/wazuh.yml @@ -1,18 +1,18 @@ hosts: - manager: - url: "https://wazuh.manager" + url: 'https://wazuh-manager-master' port: 55000 username: wazuh-wui - password: MyS3cr37P450r.*- + password: wazuh-wui run_as: false - imposter: - url: "http://imposter" + url: 'http://imposter' port: 8080 username: wazuh-wui password: MyS3cr37P450r.*- run_as: false - imposter-cli: - url: "http://" + url: 'http://' port: 8080 username: wazuh-wui password: MyS3cr37P450r.*- diff --git a/docker/osd-dev/dev.yml b/docker/osd-dev/dev.yml index 173b0bbed4..fc35d7e066 100755 --- a/docker/osd-dev/dev.yml +++ b/docker/osd-dev/dev.yml @@ -1,10 +1,10 @@ -version: "2.2" +version: '2.2' x-logging: &logging logging: driver: loki options: - loki-url: "http://host.docker.internal:3100/loki/api/v1/push" + loki-url: 'http://host.docker.internal:3100/loki/api/v1/push' services: exporter: @@ -12,15 +12,15 @@ services: <<: *logging hostname: exporter-osd-${OS_VERSION} profiles: - - "saml" - - "standard" + - 'saml' + - 'standard' networks: - os-dev - mon command: - - "--es.uri=https://admin:${PASSWORD}@os1:9200" - - "--es.ssl-skip-verify" - - "--es.all" + - '--es.uri=https://admin:${PASSWORD}@os1:9200' + - '--es.ssl-skip-verify' + - '--es.all' imposter: image: outofcoffee/imposter @@ -39,8 +39,8 @@ services: image: cfssl/cfssl <<: *logging profiles: - - "saml" - - "standard" + - 'saml' + - 'standard' volumes: - wi_certs:/certs/wi - wd_certs:/certs/wd @@ -117,27 +117,27 @@ services: sleep 300 ' healthcheck: - test: ["CMD-SHELL", "[ -r /certs/wi/os1.pem ]"] + test: ['CMD-SHELL', '[ -r /certs/wi/os1.pem ]'] interval: 2s timeout: 5s retries: 10 os1: - depends_on: - idpsetup: - condition: service_completed_successfully + # depends_on: + # idpsetup: + # condition: service_completed_successfully image: opensearchproject/opensearch:${OS_VERSION} <<: *logging profiles: - - "saml" - - "standard" + - 'saml' + - 'standard' environment: - cluster.name=os-dev-cluster - node.name=os1 - discovery.seed_hosts=os1 - cluster.initial_master_nodes=os1 - bootstrap.memory_lock=true # along with the memlock settings below, disables swapping - - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM + - 'OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m' # minimum and maximum Java heap size, recommend setting both to 50% of system RAM - OPENSEARCH_PATH_CONF=/usr/share/opensearch/config/ ulimits: memlock: @@ -162,7 +162,7 @@ services: healthcheck: test: [ - "CMD-SHELL", + 'CMD-SHELL', "curl -v --cacert config/certs/ca.pem https://os1:9200 2>&1 | grep -q '401 Unauthorized'", ] interval: 1s @@ -175,17 +175,17 @@ services: condition: service_healthy image: elastic/filebeat:7.10.2 profiles: - - "saml" - - "standard" + - 'saml' + - 'standard' hostname: filebeat - user: "0:0" + user: '0:0' networks: - os-dev - mon <<: *logging # restart: always entrypoint: - - "/bin/bash" + - '/bin/bash' command: > -c ' mkdir -p /etc/filebeat @@ -211,109 +211,151 @@ services: condition: service_healthy image: quay.io/wazuh/osd-dev:${OSD_VERSION} profiles: - - "saml" - - "standard" + - 'saml' + - 'standard' hostname: osd networks: - os-dev - devel - mon - user: "1000:1000" + user: '1000:1000' <<: *logging ports: - ${OSD_PORT}:5601 environment: - - "LOGS=/proc/1/fd/1" - entrypoint: ["tail", "-f", "/dev/null"] + - 'LOGS=/proc/1/fd/1' + entrypoint: ['tail', '-f', '/dev/null'] volumes: - osd_cache:/home/node/.cache - - "${SRC}:/home/node/kbn/plugins/wazuh" + - '${SRC}:/home/node/kbn/plugins/wazuh' - wd_certs:/home/node/kbn/certs/ - ${WAZUH_DASHBOARD_CONF}:/home/node/kbn/config/opensearch_dashboards.yml - ./config/${OSD_MAJOR}/osd/wazuh.yml:/home/node/kbn/data/wazuh/config/wazuh.yml - idpsec: - image: quay.io/keycloak/keycloak:19.0.1 - depends_on: - generator: - condition: service_healthy - profiles: - - "saml" - volumes: - - wi_certs:/certs/wi - - wd_certs:/certs/wd - - wm_certs:/certs/wm - - idp_certs:/certs/idp - # Included to avoid docker from creating duplicated networks - networks: - - os-dev - entrypoint: /bin/bash - command: > - -c ' - # trust store - for i in /certs/idp/ca.pem /certs/wd/osd.pem /certs/wi/os1.pem - do - keytool -import -alias $$(basename $$i .pem) -file $$i -keystore /certs/idp/truststore.jks -storepass SecretPassword -trustcacerts -noprompt - done - sleep 300 - ' - healthcheck: - test: ["CMD-SHELL", "[ -r /certs/idp/truststore.jks ]"] - interval: 2s - timeout: 5s - retries: 10 + # idpsec: + # image: quay.io/keycloak/keycloak:19.0.1 + # depends_on: + # generator: + # condition: service_healthy + # profiles: + # - 'saml' + # volumes: + # - wi_certs:/certs/wi + # - wd_certs:/certs/wd + # - wm_certs:/certs/wm + # - idp_certs:/certs/idp + # # Included to avoid docker from creating duplicated networks + # networks: + # - os-dev + # entrypoint: /bin/bash + # command: > + # -c ' + # # trust store + # for i in /certs/idp/ca.pem /certs/wd/osd.pem /certs/wi/os1.pem + # do + # keytool -import -alias $$(basename $$i .pem) -file $$i -keystore /certs/idp/truststore.jks -storepass SecretPassword -trustcacerts -noprompt + # done + # sleep 300 + # ' + # healthcheck: + # test: ['CMD-SHELL', '[ -r /certs/idp/truststore.jks ]'] + # interval: 2s + # timeout: 5s + # retries: 10 - idp: - image: quay.io/keycloak/keycloak:19.0.1 - depends_on: - idpsec: - condition: service_healthy - profiles: - - "saml" - hostname: idp - <<: *logging + # idp: + # image: quay.io/keycloak/keycloak:19.0.1 + # depends_on: + # idpsec: + # condition: service_healthy + # profiles: + # - 'saml' + # hostname: idp + # <<: *logging + # networks: + # - os-dev + # - mon + # ports: + # - '8080:8080' + # environment: + # - KEYCLOAK_ADMIN=admin + # - KEYCLOAK_ADMIN_PASSWORD=admin + # - KC_SPI_TRUSTSTORE_FILE_PASSWORD=SecretPassword + # - KC_SPI_TRUSTSTORE_FILE_FILE=/certs/truststore.jks + # volumes: + # - keycloak-data:/var/lib/keycloak/data + # - idp_certs:/certs + # command: start-dev + # healthcheck: + # test: curl -f http://localhost:8080/realms/master || exit 1 + # interval: 10s + # timeout: 5s + # retries: 6 + + # idpsetup: + # image: badouralix/curl-jq + # depends_on: + # idp: + # condition: service_healthy + # profiles: + # - 'saml' + # hostname: idpsetup + # <<: *logging + # networks: + # - os-dev + # - mon + # volumes: + # - wi_certs:/certs/wi + # - ./config/enable_saml.sh:/enable_saml.sh + # entrypoint: /bin/sh + # command: > + # -c ' + # apk add bash + # bash /enable_saml.sh + # exit 0 + # ' + wazuh-manager-master: + build: + context: /home/tostti/src/oldenv/wazuh-app-environments/images/wazuh_manager_filebeat_sources_cmake + args: + WAZUH_VERSION: '4.6.0' + FILEBEAT_VERSION: '7.10.2' + FILEBEAT_WAZUH_TEMPLATE_URL: https://raw.githubusercontent.com/wazuh/wazuh/4.6.0/extensions/elasticsearch/7.x/wazuh-template.json + FILEBEAT_WAZUH_MODULE_URL: https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.2.tar.gz + image: wazuh-manager:4.6.0-7.10.2 + hostname: wazuh-manager-460-7102 + volumes: + - '/home/tostti/src/oldenv/wazuh-app-environments/config/filebeat/filebeat.odfe.yml:/etc/filebeat/filebeat.yml' + ports: + - '514:514' + - '1514:1514' + - '1515:1515' + - '1516:1516' + - '55000:55000' + environment: + NODE_IP: wazuh-manager-master + NODE_NAME: manager-node + NODE_TYPE: master networks: - os-dev - mon - ports: - - "8080:8080" - environment: - - KEYCLOAK_ADMIN=admin - - KEYCLOAK_ADMIN_PASSWORD=admin - - KC_SPI_TRUSTSTORE_FILE_PASSWORD=SecretPassword - - KC_SPI_TRUSTSTORE_FILE_FILE=/certs/truststore.jks - volumes: - - keycloak-data:/var/lib/keycloak/data - - idp_certs:/certs - command: start-dev - healthcheck: - test: curl -f http://localhost:8080/realms/master || exit 1 - interval: 10s - timeout: 5s - retries: 6 + - devel - idpsetup: - image: badouralix/curl-jq + wazuh-agent: + build: + context: /home/tostti/src/oldenv/wazuh-app-environments/images/wazuh_agent_ubuntu_sources_cmake + args: + WAZUH_VERSION: '4.6.0' + image: 'wazuh_agent_ubuntu_sources_cmake:4.6.0' + hostname: 'wazuh_agent_ubuntu_sources_cmake-4.6.0' + environment: + JOIN_MANAGER: wazuh-manager-master depends_on: - idp: - condition: service_healthy - profiles: - - "saml" - hostname: idpsetup - <<: *logging + - wazuh-manager-master networks: - os-dev - mon - volumes: - - wi_certs:/certs/wi - - ./config/enable_saml.sh:/enable_saml.sh - entrypoint: /bin/sh - command: > - -c ' - apk add bash - bash /enable_saml.sh - exit 0 - ' + - devel networks: os-dev: diff --git a/server/routes/wazuh-reporting.test.ts b/server/routes/wazuh-reporting.test.ts index 24d34e3251..f809a5c6cc 100644 --- a/server/routes/wazuh-reporting.test.ts +++ b/server/routes/wazuh-reporting.test.ts @@ -10,20 +10,23 @@ import { WazuhReportingRoutes } from './wazuh-reporting'; import { WazuhUtilsCtrl } from '../controllers/wazuh-utils/wazuh-utils'; import md5 from 'md5'; import path from 'path'; -import { createDataDirectoryIfNotExists, createDirectoryIfNotExists } from '../lib/filesystem'; +import { + createDataDirectoryIfNotExists, + createDirectoryIfNotExists, +} from '../lib/filesystem'; import { WAZUH_DATA_CONFIG_APP_PATH, WAZUH_DATA_CONFIG_DIRECTORY_PATH, WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, WAZUH_DATA_LOGS_DIRECTORY_PATH, WAZUH_DATA_ABSOLUTE_PATH, - WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH + WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH, } from '../../common/constants'; import { execSync } from 'child_process'; import fs from 'fs'; jest.mock('../lib/reporting/extended-information', () => ({ - extendedInformation: jest.fn() + extendedInformation: jest.fn(), })); const USER_NAME = 'admin'; const loggingService = loggingSystemMock.create(); @@ -31,18 +34,19 @@ const logger = loggingService.get(); const context = { wazuh: { security: { - getCurrentUser: (request) => { + getCurrentUser: request => { // x-test-username header doesn't exist when the platform or plugin are running. // It is used to generate the output of this method so we can simulate the user // that does the request to the endpoint and is expected by the endpoint handlers // of the plugin. const username = request.headers['x-test-username']; - return { username, hashUsername: md5(username) } - } - } - } + return { username, hashUsername: md5(username) }; + }, + }, + }, }; -const enhanceWithContext = (fn: (...args: any[]) => any) => fn.bind(null, context); +const enhanceWithContext = (fn: (...args: any[]) => any) => + fn.bind(null, context); let server, innerServer; // BEFORE ALL @@ -71,12 +75,24 @@ beforeAll(async () => { } as any; server = new HttpServer(loggingService, 'tests'); const router = new Router('', logger, enhanceWithContext); - const { registerRouter, server: innerServerTest, ...rest } = await server.setup(config); + const { + registerRouter, + server: innerServerTest, + ...rest + } = await server.setup(config); innerServer = innerServerTest; // Mock decorator - jest.spyOn(WazuhUtilsCtrl.prototype as any, 'routeDecoratorProtectedAdministratorRoleValidToken') - .mockImplementation((handler) => async (...args) => handler(...args)); + jest + .spyOn( + WazuhUtilsCtrl.prototype as any, + 'routeDecoratorProtectedAdministratorRoleValidToken', + ) + .mockImplementation( + handler => + async (...args) => + handler(...args), + ); // Register routes WazuhUtilsRoutes(router); @@ -124,11 +140,22 @@ describe('[endpoint] GET /reports', () => { // Create directories and file/s within directory. directories.forEach(({ username, files }) => { const hashUsername = md5(username); - createDirectoryIfNotExists(path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername)); + createDirectoryIfNotExists( + path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername), + ); if (files) { Array.from(Array(files).keys()).forEach(indexFile => { - console.log('Generating', username, indexFile) - fs.closeSync(fs.openSync(path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername, `report_${indexFile}.pdf`), 'w')); + console.log('Generating', username, indexFile); + fs.closeSync( + fs.openSync( + path.join( + WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, + hashUsername, + `report_${indexFile}.pdf`, + ), + 'w', + ), + ); }); } }); @@ -139,13 +166,16 @@ describe('[endpoint] GET /reports', () => { execSync(`rm -rf ${WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH}`); }); - it.each(directories)('get reports of $username. status response: $responseStatus', async ({ username, files }) => { - const response = await supertest(innerServer.listener) - .get(`/reports`) - .set('x-test-username', username) - .expect(200); - expect(response.body.reports).toHaveLength(files); - }); + it.each(directories)( + 'get reports of $username. status response: $responseStatus', + async ({ username, files }) => { + const response = await supertest(innerServer.listener) + .get(`/reports`) + .set('x-test-username', username) + .expect(200); + expect(response.body.reports).toHaveLength(files); + }, + ); }); describe('[endpoint] PUT /utils/configuration', () => { @@ -174,16 +204,33 @@ describe('[endpoint] PUT /utils/configuration', () => { // expectedMD5 variable is a verified md5 of a report generated with this header and footer // If any of the parameters is changed this variable should be updated with the new md5 it.each` - footer | header | responseStatusCode | expectedMD5 | tab - ${null} | ${null} | ${200} | ${'7b6fa0e2a5911880d17168800c173f89'} | ${'pm'} - ${'Custom\nFooter'} | ${'info@company.com\nFake Avenue 123'}| ${200} | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'} - ${''} | ${''} | ${200} | ${'23d5e0eedce38dc6df9e98e898628f68'} | ${'fim'} - ${'Custom Footer'} | ${null} | ${200} | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'} - ${null} | ${'Custom Header'} | ${200} | ${'91e30564f157942718afdd97db3b4ddf'} | ${'gcp'} -`(`Set custom report header and footer - Verify PDF output`, async ({footer, header, responseStatusCode, expectedMD5, tab}) => { - + footer | header | responseStatusCode | expectedMD5 | tab + ${null} | ${null} | ${200} | ${'a261be6b2e5fb18bb7434ee46a01e174'} | ${'pm'} + ${'Custom\nFooter'} | ${'info@company.com\nFake Avenue 123'} | ${200} | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'} + ${''} | ${''} | ${200} | ${'8e8fbd90e08b810f700fcafbfdcdf638'} | ${'fim'} + ${'Custom Footer'} | ${null} | ${200} | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'} + ${null} | ${'Custom Header'} | ${200} | ${'4a55136aaf8b5f6b544a03fe46917552'} | ${'gcp'} + `( + `Set custom report header and footer - Verify PDF output`, + async ({ footer, header, responseStatusCode, expectedMD5, tab }) => { // Mock PDF report parameters - const reportBody = { "array": [], "serverSideQuery": [], "filters": [], "time": { "from": '2022-10-01T09:59:40.825Z', "to": '2022-10-04T09:59:40.825Z' }, "searchBar": "", "tables": [], "tab": tab, "section": "overview", "agents": false, "browserTimezone": "Europe/Madrid", "indexPatternTitle": "wazuh-alerts-*", "apiId": "default" }; + const reportBody = { + array: [], + serverSideQuery: [], + filters: [], + time: { + from: '2022-10-01T09:59:40.825Z', + to: '2022-10-04T09:59:40.825Z', + }, + searchBar: '', + tables: [], + tab: tab, + section: 'overview', + agents: false, + browserTimezone: 'Europe/Madrid', + indexPatternTitle: 'wazuh-alerts-*', + apiId: 'default', + }; // Define custom configuration const configurationBody = {}; @@ -203,10 +250,18 @@ describe('[endpoint] PUT /utils/configuration', () => { .expect(responseStatusCode); if (typeof footer == 'string') { - expect(responseConfig.body?.data?.updatedConfiguration?.['customization.reports.footer']).toMatch(configurationBody['customization.reports.footer']); + expect( + responseConfig.body?.data?.updatedConfiguration?.[ + 'customization.reports.footer' + ], + ).toMatch(configurationBody['customization.reports.footer']); } if (typeof header == 'string') { - expect(responseConfig.body?.data?.updatedConfiguration?.['customization.reports.header']).toMatch(configurationBody['customization.reports.header']); + expect( + responseConfig.body?.data?.updatedConfiguration?.[ + 'customization.reports.header' + ], + ).toMatch(configurationBody['customization.reports.header']); } } @@ -216,16 +271,19 @@ describe('[endpoint] PUT /utils/configuration', () => { .set('x-test-username', USER_NAME) .send(reportBody) .expect(200); - const fileName = responseReport.body?.message.match(/([A-Z-0-9]*\.pdf)/gi)[0]; + const fileName = + responseReport.body?.message.match(/([A-Z-0-9]*\.pdf)/gi)[0]; const userPath = md5(USER_NAME); const reportPath = `${WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH}/${userPath}/${fileName}`; const PDFbuffer = fs.readFileSync(reportPath); const PDFcontent = PDFbuffer.toString('utf8'); - const content = PDFcontent - .replace(/\[<[a-z0-9].+> <[a-z0-9].+>\]/gi, '') - .replace(/(obj\n\(D:[0-9].+Z\)\nendobj)/gi, ''); + const content = PDFcontent.replace( + /\[<[a-z0-9].+> <[a-z0-9].+>\]/gi, + '', + ).replace(/(obj\n\(D:[0-9].+Z\)\nendobj)/gi, ''); const PDFmd5 = md5(content); expect(PDFmd5).toBe(expectedMD5); - }); + }, + ); }); From 5e714279bdfca3152f946c20264aa48d94e6c5dc Mon Sep 17 00:00:00 2001 From: Tostti Date: Wed, 9 Aug 2023 17:41:45 -0300 Subject: [PATCH 05/10] Change md5 in reporting test --- server/routes/wazuh-reporting.test.ts | 134 ++++++++------------------ 1 file changed, 38 insertions(+), 96 deletions(-) diff --git a/server/routes/wazuh-reporting.test.ts b/server/routes/wazuh-reporting.test.ts index f809a5c6cc..24d34e3251 100644 --- a/server/routes/wazuh-reporting.test.ts +++ b/server/routes/wazuh-reporting.test.ts @@ -10,23 +10,20 @@ import { WazuhReportingRoutes } from './wazuh-reporting'; import { WazuhUtilsCtrl } from '../controllers/wazuh-utils/wazuh-utils'; import md5 from 'md5'; import path from 'path'; -import { - createDataDirectoryIfNotExists, - createDirectoryIfNotExists, -} from '../lib/filesystem'; +import { createDataDirectoryIfNotExists, createDirectoryIfNotExists } from '../lib/filesystem'; import { WAZUH_DATA_CONFIG_APP_PATH, WAZUH_DATA_CONFIG_DIRECTORY_PATH, WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, WAZUH_DATA_LOGS_DIRECTORY_PATH, WAZUH_DATA_ABSOLUTE_PATH, - WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH, + WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH } from '../../common/constants'; import { execSync } from 'child_process'; import fs from 'fs'; jest.mock('../lib/reporting/extended-information', () => ({ - extendedInformation: jest.fn(), + extendedInformation: jest.fn() })); const USER_NAME = 'admin'; const loggingService = loggingSystemMock.create(); @@ -34,19 +31,18 @@ const logger = loggingService.get(); const context = { wazuh: { security: { - getCurrentUser: request => { + getCurrentUser: (request) => { // x-test-username header doesn't exist when the platform or plugin are running. // It is used to generate the output of this method so we can simulate the user // that does the request to the endpoint and is expected by the endpoint handlers // of the plugin. const username = request.headers['x-test-username']; - return { username, hashUsername: md5(username) }; - }, - }, - }, + return { username, hashUsername: md5(username) } + } + } + } }; -const enhanceWithContext = (fn: (...args: any[]) => any) => - fn.bind(null, context); +const enhanceWithContext = (fn: (...args: any[]) => any) => fn.bind(null, context); let server, innerServer; // BEFORE ALL @@ -75,24 +71,12 @@ beforeAll(async () => { } as any; server = new HttpServer(loggingService, 'tests'); const router = new Router('', logger, enhanceWithContext); - const { - registerRouter, - server: innerServerTest, - ...rest - } = await server.setup(config); + const { registerRouter, server: innerServerTest, ...rest } = await server.setup(config); innerServer = innerServerTest; // Mock decorator - jest - .spyOn( - WazuhUtilsCtrl.prototype as any, - 'routeDecoratorProtectedAdministratorRoleValidToken', - ) - .mockImplementation( - handler => - async (...args) => - handler(...args), - ); + jest.spyOn(WazuhUtilsCtrl.prototype as any, 'routeDecoratorProtectedAdministratorRoleValidToken') + .mockImplementation((handler) => async (...args) => handler(...args)); // Register routes WazuhUtilsRoutes(router); @@ -140,22 +124,11 @@ describe('[endpoint] GET /reports', () => { // Create directories and file/s within directory. directories.forEach(({ username, files }) => { const hashUsername = md5(username); - createDirectoryIfNotExists( - path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername), - ); + createDirectoryIfNotExists(path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername)); if (files) { Array.from(Array(files).keys()).forEach(indexFile => { - console.log('Generating', username, indexFile); - fs.closeSync( - fs.openSync( - path.join( - WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, - hashUsername, - `report_${indexFile}.pdf`, - ), - 'w', - ), - ); + console.log('Generating', username, indexFile) + fs.closeSync(fs.openSync(path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername, `report_${indexFile}.pdf`), 'w')); }); } }); @@ -166,16 +139,13 @@ describe('[endpoint] GET /reports', () => { execSync(`rm -rf ${WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH}`); }); - it.each(directories)( - 'get reports of $username. status response: $responseStatus', - async ({ username, files }) => { - const response = await supertest(innerServer.listener) - .get(`/reports`) - .set('x-test-username', username) - .expect(200); - expect(response.body.reports).toHaveLength(files); - }, - ); + it.each(directories)('get reports of $username. status response: $responseStatus', async ({ username, files }) => { + const response = await supertest(innerServer.listener) + .get(`/reports`) + .set('x-test-username', username) + .expect(200); + expect(response.body.reports).toHaveLength(files); + }); }); describe('[endpoint] PUT /utils/configuration', () => { @@ -204,33 +174,16 @@ describe('[endpoint] PUT /utils/configuration', () => { // expectedMD5 variable is a verified md5 of a report generated with this header and footer // If any of the parameters is changed this variable should be updated with the new md5 it.each` - footer | header | responseStatusCode | expectedMD5 | tab - ${null} | ${null} | ${200} | ${'a261be6b2e5fb18bb7434ee46a01e174'} | ${'pm'} - ${'Custom\nFooter'} | ${'info@company.com\nFake Avenue 123'} | ${200} | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'} - ${''} | ${''} | ${200} | ${'8e8fbd90e08b810f700fcafbfdcdf638'} | ${'fim'} - ${'Custom Footer'} | ${null} | ${200} | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'} - ${null} | ${'Custom Header'} | ${200} | ${'4a55136aaf8b5f6b544a03fe46917552'} | ${'gcp'} - `( - `Set custom report header and footer - Verify PDF output`, - async ({ footer, header, responseStatusCode, expectedMD5, tab }) => { + footer | header | responseStatusCode | expectedMD5 | tab + ${null} | ${null} | ${200} | ${'7b6fa0e2a5911880d17168800c173f89'} | ${'pm'} + ${'Custom\nFooter'} | ${'info@company.com\nFake Avenue 123'}| ${200} | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'} + ${''} | ${''} | ${200} | ${'23d5e0eedce38dc6df9e98e898628f68'} | ${'fim'} + ${'Custom Footer'} | ${null} | ${200} | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'} + ${null} | ${'Custom Header'} | ${200} | ${'91e30564f157942718afdd97db3b4ddf'} | ${'gcp'} +`(`Set custom report header and footer - Verify PDF output`, async ({footer, header, responseStatusCode, expectedMD5, tab}) => { + // Mock PDF report parameters - const reportBody = { - array: [], - serverSideQuery: [], - filters: [], - time: { - from: '2022-10-01T09:59:40.825Z', - to: '2022-10-04T09:59:40.825Z', - }, - searchBar: '', - tables: [], - tab: tab, - section: 'overview', - agents: false, - browserTimezone: 'Europe/Madrid', - indexPatternTitle: 'wazuh-alerts-*', - apiId: 'default', - }; + const reportBody = { "array": [], "serverSideQuery": [], "filters": [], "time": { "from": '2022-10-01T09:59:40.825Z', "to": '2022-10-04T09:59:40.825Z' }, "searchBar": "", "tables": [], "tab": tab, "section": "overview", "agents": false, "browserTimezone": "Europe/Madrid", "indexPatternTitle": "wazuh-alerts-*", "apiId": "default" }; // Define custom configuration const configurationBody = {}; @@ -250,18 +203,10 @@ describe('[endpoint] PUT /utils/configuration', () => { .expect(responseStatusCode); if (typeof footer == 'string') { - expect( - responseConfig.body?.data?.updatedConfiguration?.[ - 'customization.reports.footer' - ], - ).toMatch(configurationBody['customization.reports.footer']); + expect(responseConfig.body?.data?.updatedConfiguration?.['customization.reports.footer']).toMatch(configurationBody['customization.reports.footer']); } if (typeof header == 'string') { - expect( - responseConfig.body?.data?.updatedConfiguration?.[ - 'customization.reports.header' - ], - ).toMatch(configurationBody['customization.reports.header']); + expect(responseConfig.body?.data?.updatedConfiguration?.['customization.reports.header']).toMatch(configurationBody['customization.reports.header']); } } @@ -271,19 +216,16 @@ describe('[endpoint] PUT /utils/configuration', () => { .set('x-test-username', USER_NAME) .send(reportBody) .expect(200); - const fileName = - responseReport.body?.message.match(/([A-Z-0-9]*\.pdf)/gi)[0]; + const fileName = responseReport.body?.message.match(/([A-Z-0-9]*\.pdf)/gi)[0]; const userPath = md5(USER_NAME); const reportPath = `${WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH}/${userPath}/${fileName}`; const PDFbuffer = fs.readFileSync(reportPath); const PDFcontent = PDFbuffer.toString('utf8'); - const content = PDFcontent.replace( - /\[<[a-z0-9].+> <[a-z0-9].+>\]/gi, - '', - ).replace(/(obj\n\(D:[0-9].+Z\)\nendobj)/gi, ''); + const content = PDFcontent + .replace(/\[<[a-z0-9].+> <[a-z0-9].+>\]/gi, '') + .replace(/(obj\n\(D:[0-9].+Z\)\nendobj)/gi, ''); const PDFmd5 = md5(content); expect(PDFmd5).toBe(expectedMD5); - }, - ); + }); }); From fbef1fd5e0b4d9b4afc693c5e49e8058c1d18b96 Mon Sep 17 00:00:00 2001 From: Nicolas Agustin Guevara Pihen <42900763+Tostti@users.noreply.github.com> Date: Wed, 9 Aug 2023 17:44:39 -0300 Subject: [PATCH 06/10] Revert accidental change --- docker/osd-dev/config/2.x/osd/wazuh.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docker/osd-dev/config/2.x/osd/wazuh.yml b/docker/osd-dev/config/2.x/osd/wazuh.yml index ca731337c7..76c3a973ab 100755 --- a/docker/osd-dev/config/2.x/osd/wazuh.yml +++ b/docker/osd-dev/config/2.x/osd/wazuh.yml @@ -1,18 +1,18 @@ hosts: - manager: - url: 'https://wazuh-manager-master' + url: "https://wazuh.manager" port: 55000 username: wazuh-wui - password: wazuh-wui + password: MyS3cr37P450r.*- run_as: false - imposter: - url: 'http://imposter' + url: "http://imposter" port: 8080 username: wazuh-wui password: MyS3cr37P450r.*- run_as: false - imposter-cli: - url: 'http://' + url: "http://" port: 8080 username: wazuh-wui password: MyS3cr37P450r.*- From 5efe926527b1804c0ff2a6bd7bc5147aac46331c Mon Sep 17 00:00:00 2001 From: Nicolas Agustin Guevara Pihen <42900763+Tostti@users.noreply.github.com> Date: Wed, 9 Aug 2023 17:45:19 -0300 Subject: [PATCH 07/10] Revert accidental change --- docker/osd-dev/dev.yml | 242 +++++++++++++++++------------------------ 1 file changed, 100 insertions(+), 142 deletions(-) diff --git a/docker/osd-dev/dev.yml b/docker/osd-dev/dev.yml index fc35d7e066..173b0bbed4 100755 --- a/docker/osd-dev/dev.yml +++ b/docker/osd-dev/dev.yml @@ -1,10 +1,10 @@ -version: '2.2' +version: "2.2" x-logging: &logging logging: driver: loki options: - loki-url: 'http://host.docker.internal:3100/loki/api/v1/push' + loki-url: "http://host.docker.internal:3100/loki/api/v1/push" services: exporter: @@ -12,15 +12,15 @@ services: <<: *logging hostname: exporter-osd-${OS_VERSION} profiles: - - 'saml' - - 'standard' + - "saml" + - "standard" networks: - os-dev - mon command: - - '--es.uri=https://admin:${PASSWORD}@os1:9200' - - '--es.ssl-skip-verify' - - '--es.all' + - "--es.uri=https://admin:${PASSWORD}@os1:9200" + - "--es.ssl-skip-verify" + - "--es.all" imposter: image: outofcoffee/imposter @@ -39,8 +39,8 @@ services: image: cfssl/cfssl <<: *logging profiles: - - 'saml' - - 'standard' + - "saml" + - "standard" volumes: - wi_certs:/certs/wi - wd_certs:/certs/wd @@ -117,27 +117,27 @@ services: sleep 300 ' healthcheck: - test: ['CMD-SHELL', '[ -r /certs/wi/os1.pem ]'] + test: ["CMD-SHELL", "[ -r /certs/wi/os1.pem ]"] interval: 2s timeout: 5s retries: 10 os1: - # depends_on: - # idpsetup: - # condition: service_completed_successfully + depends_on: + idpsetup: + condition: service_completed_successfully image: opensearchproject/opensearch:${OS_VERSION} <<: *logging profiles: - - 'saml' - - 'standard' + - "saml" + - "standard" environment: - cluster.name=os-dev-cluster - node.name=os1 - discovery.seed_hosts=os1 - cluster.initial_master_nodes=os1 - bootstrap.memory_lock=true # along with the memlock settings below, disables swapping - - 'OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m' # minimum and maximum Java heap size, recommend setting both to 50% of system RAM + - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM - OPENSEARCH_PATH_CONF=/usr/share/opensearch/config/ ulimits: memlock: @@ -162,7 +162,7 @@ services: healthcheck: test: [ - 'CMD-SHELL', + "CMD-SHELL", "curl -v --cacert config/certs/ca.pem https://os1:9200 2>&1 | grep -q '401 Unauthorized'", ] interval: 1s @@ -175,17 +175,17 @@ services: condition: service_healthy image: elastic/filebeat:7.10.2 profiles: - - 'saml' - - 'standard' + - "saml" + - "standard" hostname: filebeat - user: '0:0' + user: "0:0" networks: - os-dev - mon <<: *logging # restart: always entrypoint: - - '/bin/bash' + - "/bin/bash" command: > -c ' mkdir -p /etc/filebeat @@ -211,151 +211,109 @@ services: condition: service_healthy image: quay.io/wazuh/osd-dev:${OSD_VERSION} profiles: - - 'saml' - - 'standard' + - "saml" + - "standard" hostname: osd networks: - os-dev - devel - mon - user: '1000:1000' + user: "1000:1000" <<: *logging ports: - ${OSD_PORT}:5601 environment: - - 'LOGS=/proc/1/fd/1' - entrypoint: ['tail', '-f', '/dev/null'] + - "LOGS=/proc/1/fd/1" + entrypoint: ["tail", "-f", "/dev/null"] volumes: - osd_cache:/home/node/.cache - - '${SRC}:/home/node/kbn/plugins/wazuh' + - "${SRC}:/home/node/kbn/plugins/wazuh" - wd_certs:/home/node/kbn/certs/ - ${WAZUH_DASHBOARD_CONF}:/home/node/kbn/config/opensearch_dashboards.yml - ./config/${OSD_MAJOR}/osd/wazuh.yml:/home/node/kbn/data/wazuh/config/wazuh.yml - # idpsec: - # image: quay.io/keycloak/keycloak:19.0.1 - # depends_on: - # generator: - # condition: service_healthy - # profiles: - # - 'saml' - # volumes: - # - wi_certs:/certs/wi - # - wd_certs:/certs/wd - # - wm_certs:/certs/wm - # - idp_certs:/certs/idp - # # Included to avoid docker from creating duplicated networks - # networks: - # - os-dev - # entrypoint: /bin/bash - # command: > - # -c ' - # # trust store - # for i in /certs/idp/ca.pem /certs/wd/osd.pem /certs/wi/os1.pem - # do - # keytool -import -alias $$(basename $$i .pem) -file $$i -keystore /certs/idp/truststore.jks -storepass SecretPassword -trustcacerts -noprompt - # done - # sleep 300 - # ' - # healthcheck: - # test: ['CMD-SHELL', '[ -r /certs/idp/truststore.jks ]'] - # interval: 2s - # timeout: 5s - # retries: 10 - - # idp: - # image: quay.io/keycloak/keycloak:19.0.1 - # depends_on: - # idpsec: - # condition: service_healthy - # profiles: - # - 'saml' - # hostname: idp - # <<: *logging - # networks: - # - os-dev - # - mon - # ports: - # - '8080:8080' - # environment: - # - KEYCLOAK_ADMIN=admin - # - KEYCLOAK_ADMIN_PASSWORD=admin - # - KC_SPI_TRUSTSTORE_FILE_PASSWORD=SecretPassword - # - KC_SPI_TRUSTSTORE_FILE_FILE=/certs/truststore.jks - # volumes: - # - keycloak-data:/var/lib/keycloak/data - # - idp_certs:/certs - # command: start-dev - # healthcheck: - # test: curl -f http://localhost:8080/realms/master || exit 1 - # interval: 10s - # timeout: 5s - # retries: 6 - - # idpsetup: - # image: badouralix/curl-jq - # depends_on: - # idp: - # condition: service_healthy - # profiles: - # - 'saml' - # hostname: idpsetup - # <<: *logging - # networks: - # - os-dev - # - mon - # volumes: - # - wi_certs:/certs/wi - # - ./config/enable_saml.sh:/enable_saml.sh - # entrypoint: /bin/sh - # command: > - # -c ' - # apk add bash - # bash /enable_saml.sh - # exit 0 - # ' - wazuh-manager-master: - build: - context: /home/tostti/src/oldenv/wazuh-app-environments/images/wazuh_manager_filebeat_sources_cmake - args: - WAZUH_VERSION: '4.6.0' - FILEBEAT_VERSION: '7.10.2' - FILEBEAT_WAZUH_TEMPLATE_URL: https://raw.githubusercontent.com/wazuh/wazuh/4.6.0/extensions/elasticsearch/7.x/wazuh-template.json - FILEBEAT_WAZUH_MODULE_URL: https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.2.tar.gz - image: wazuh-manager:4.6.0-7.10.2 - hostname: wazuh-manager-460-7102 + idpsec: + image: quay.io/keycloak/keycloak:19.0.1 + depends_on: + generator: + condition: service_healthy + profiles: + - "saml" volumes: - - '/home/tostti/src/oldenv/wazuh-app-environments/config/filebeat/filebeat.odfe.yml:/etc/filebeat/filebeat.yml' - ports: - - '514:514' - - '1514:1514' - - '1515:1515' - - '1516:1516' - - '55000:55000' - environment: - NODE_IP: wazuh-manager-master - NODE_NAME: manager-node - NODE_TYPE: master + - wi_certs:/certs/wi + - wd_certs:/certs/wd + - wm_certs:/certs/wm + - idp_certs:/certs/idp + # Included to avoid docker from creating duplicated networks networks: - os-dev - - mon - - devel + entrypoint: /bin/bash + command: > + -c ' + # trust store + for i in /certs/idp/ca.pem /certs/wd/osd.pem /certs/wi/os1.pem + do + keytool -import -alias $$(basename $$i .pem) -file $$i -keystore /certs/idp/truststore.jks -storepass SecretPassword -trustcacerts -noprompt + done + sleep 300 + ' + healthcheck: + test: ["CMD-SHELL", "[ -r /certs/idp/truststore.jks ]"] + interval: 2s + timeout: 5s + retries: 10 - wazuh-agent: - build: - context: /home/tostti/src/oldenv/wazuh-app-environments/images/wazuh_agent_ubuntu_sources_cmake - args: - WAZUH_VERSION: '4.6.0' - image: 'wazuh_agent_ubuntu_sources_cmake:4.6.0' - hostname: 'wazuh_agent_ubuntu_sources_cmake-4.6.0' + idp: + image: quay.io/keycloak/keycloak:19.0.1 + depends_on: + idpsec: + condition: service_healthy + profiles: + - "saml" + hostname: idp + <<: *logging + networks: + - os-dev + - mon + ports: + - "8080:8080" environment: - JOIN_MANAGER: wazuh-manager-master + - KEYCLOAK_ADMIN=admin + - KEYCLOAK_ADMIN_PASSWORD=admin + - KC_SPI_TRUSTSTORE_FILE_PASSWORD=SecretPassword + - KC_SPI_TRUSTSTORE_FILE_FILE=/certs/truststore.jks + volumes: + - keycloak-data:/var/lib/keycloak/data + - idp_certs:/certs + command: start-dev + healthcheck: + test: curl -f http://localhost:8080/realms/master || exit 1 + interval: 10s + timeout: 5s + retries: 6 + + idpsetup: + image: badouralix/curl-jq depends_on: - - wazuh-manager-master + idp: + condition: service_healthy + profiles: + - "saml" + hostname: idpsetup + <<: *logging networks: - os-dev - mon - - devel + volumes: + - wi_certs:/certs/wi + - ./config/enable_saml.sh:/enable_saml.sh + entrypoint: /bin/sh + command: > + -c ' + apk add bash + bash /enable_saml.sh + exit 0 + ' networks: os-dev: From d9beb43b0b8b389b91b0334cb39463d319d0934b Mon Sep 17 00:00:00 2001 From: Tostti Date: Wed, 9 Aug 2023 17:52:41 -0300 Subject: [PATCH 08/10] Fix md5 in test --- server/routes/wazuh-reporting.test.ts | 134 ++++++++++++++++++-------- 1 file changed, 96 insertions(+), 38 deletions(-) diff --git a/server/routes/wazuh-reporting.test.ts b/server/routes/wazuh-reporting.test.ts index 24d34e3251..f809a5c6cc 100644 --- a/server/routes/wazuh-reporting.test.ts +++ b/server/routes/wazuh-reporting.test.ts @@ -10,20 +10,23 @@ import { WazuhReportingRoutes } from './wazuh-reporting'; import { WazuhUtilsCtrl } from '../controllers/wazuh-utils/wazuh-utils'; import md5 from 'md5'; import path from 'path'; -import { createDataDirectoryIfNotExists, createDirectoryIfNotExists } from '../lib/filesystem'; +import { + createDataDirectoryIfNotExists, + createDirectoryIfNotExists, +} from '../lib/filesystem'; import { WAZUH_DATA_CONFIG_APP_PATH, WAZUH_DATA_CONFIG_DIRECTORY_PATH, WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, WAZUH_DATA_LOGS_DIRECTORY_PATH, WAZUH_DATA_ABSOLUTE_PATH, - WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH + WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH, } from '../../common/constants'; import { execSync } from 'child_process'; import fs from 'fs'; jest.mock('../lib/reporting/extended-information', () => ({ - extendedInformation: jest.fn() + extendedInformation: jest.fn(), })); const USER_NAME = 'admin'; const loggingService = loggingSystemMock.create(); @@ -31,18 +34,19 @@ const logger = loggingService.get(); const context = { wazuh: { security: { - getCurrentUser: (request) => { + getCurrentUser: request => { // x-test-username header doesn't exist when the platform or plugin are running. // It is used to generate the output of this method so we can simulate the user // that does the request to the endpoint and is expected by the endpoint handlers // of the plugin. const username = request.headers['x-test-username']; - return { username, hashUsername: md5(username) } - } - } - } + return { username, hashUsername: md5(username) }; + }, + }, + }, }; -const enhanceWithContext = (fn: (...args: any[]) => any) => fn.bind(null, context); +const enhanceWithContext = (fn: (...args: any[]) => any) => + fn.bind(null, context); let server, innerServer; // BEFORE ALL @@ -71,12 +75,24 @@ beforeAll(async () => { } as any; server = new HttpServer(loggingService, 'tests'); const router = new Router('', logger, enhanceWithContext); - const { registerRouter, server: innerServerTest, ...rest } = await server.setup(config); + const { + registerRouter, + server: innerServerTest, + ...rest + } = await server.setup(config); innerServer = innerServerTest; // Mock decorator - jest.spyOn(WazuhUtilsCtrl.prototype as any, 'routeDecoratorProtectedAdministratorRoleValidToken') - .mockImplementation((handler) => async (...args) => handler(...args)); + jest + .spyOn( + WazuhUtilsCtrl.prototype as any, + 'routeDecoratorProtectedAdministratorRoleValidToken', + ) + .mockImplementation( + handler => + async (...args) => + handler(...args), + ); // Register routes WazuhUtilsRoutes(router); @@ -124,11 +140,22 @@ describe('[endpoint] GET /reports', () => { // Create directories and file/s within directory. directories.forEach(({ username, files }) => { const hashUsername = md5(username); - createDirectoryIfNotExists(path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername)); + createDirectoryIfNotExists( + path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername), + ); if (files) { Array.from(Array(files).keys()).forEach(indexFile => { - console.log('Generating', username, indexFile) - fs.closeSync(fs.openSync(path.join(WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, hashUsername, `report_${indexFile}.pdf`), 'w')); + console.log('Generating', username, indexFile); + fs.closeSync( + fs.openSync( + path.join( + WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH, + hashUsername, + `report_${indexFile}.pdf`, + ), + 'w', + ), + ); }); } }); @@ -139,13 +166,16 @@ describe('[endpoint] GET /reports', () => { execSync(`rm -rf ${WAZUH_DATA_DOWNLOADS_DIRECTORY_PATH}`); }); - it.each(directories)('get reports of $username. status response: $responseStatus', async ({ username, files }) => { - const response = await supertest(innerServer.listener) - .get(`/reports`) - .set('x-test-username', username) - .expect(200); - expect(response.body.reports).toHaveLength(files); - }); + it.each(directories)( + 'get reports of $username. status response: $responseStatus', + async ({ username, files }) => { + const response = await supertest(innerServer.listener) + .get(`/reports`) + .set('x-test-username', username) + .expect(200); + expect(response.body.reports).toHaveLength(files); + }, + ); }); describe('[endpoint] PUT /utils/configuration', () => { @@ -174,16 +204,33 @@ describe('[endpoint] PUT /utils/configuration', () => { // expectedMD5 variable is a verified md5 of a report generated with this header and footer // If any of the parameters is changed this variable should be updated with the new md5 it.each` - footer | header | responseStatusCode | expectedMD5 | tab - ${null} | ${null} | ${200} | ${'7b6fa0e2a5911880d17168800c173f89'} | ${'pm'} - ${'Custom\nFooter'} | ${'info@company.com\nFake Avenue 123'}| ${200} | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'} - ${''} | ${''} | ${200} | ${'23d5e0eedce38dc6df9e98e898628f68'} | ${'fim'} - ${'Custom Footer'} | ${null} | ${200} | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'} - ${null} | ${'Custom Header'} | ${200} | ${'91e30564f157942718afdd97db3b4ddf'} | ${'gcp'} -`(`Set custom report header and footer - Verify PDF output`, async ({footer, header, responseStatusCode, expectedMD5, tab}) => { - + footer | header | responseStatusCode | expectedMD5 | tab + ${null} | ${null} | ${200} | ${'a261be6b2e5fb18bb7434ee46a01e174'} | ${'pm'} + ${'Custom\nFooter'} | ${'info@company.com\nFake Avenue 123'} | ${200} | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'} + ${''} | ${''} | ${200} | ${'8e8fbd90e08b810f700fcafbfdcdf638'} | ${'fim'} + ${'Custom Footer'} | ${null} | ${200} | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'} + ${null} | ${'Custom Header'} | ${200} | ${'4a55136aaf8b5f6b544a03fe46917552'} | ${'gcp'} + `( + `Set custom report header and footer - Verify PDF output`, + async ({ footer, header, responseStatusCode, expectedMD5, tab }) => { // Mock PDF report parameters - const reportBody = { "array": [], "serverSideQuery": [], "filters": [], "time": { "from": '2022-10-01T09:59:40.825Z', "to": '2022-10-04T09:59:40.825Z' }, "searchBar": "", "tables": [], "tab": tab, "section": "overview", "agents": false, "browserTimezone": "Europe/Madrid", "indexPatternTitle": "wazuh-alerts-*", "apiId": "default" }; + const reportBody = { + array: [], + serverSideQuery: [], + filters: [], + time: { + from: '2022-10-01T09:59:40.825Z', + to: '2022-10-04T09:59:40.825Z', + }, + searchBar: '', + tables: [], + tab: tab, + section: 'overview', + agents: false, + browserTimezone: 'Europe/Madrid', + indexPatternTitle: 'wazuh-alerts-*', + apiId: 'default', + }; // Define custom configuration const configurationBody = {}; @@ -203,10 +250,18 @@ describe('[endpoint] PUT /utils/configuration', () => { .expect(responseStatusCode); if (typeof footer == 'string') { - expect(responseConfig.body?.data?.updatedConfiguration?.['customization.reports.footer']).toMatch(configurationBody['customization.reports.footer']); + expect( + responseConfig.body?.data?.updatedConfiguration?.[ + 'customization.reports.footer' + ], + ).toMatch(configurationBody['customization.reports.footer']); } if (typeof header == 'string') { - expect(responseConfig.body?.data?.updatedConfiguration?.['customization.reports.header']).toMatch(configurationBody['customization.reports.header']); + expect( + responseConfig.body?.data?.updatedConfiguration?.[ + 'customization.reports.header' + ], + ).toMatch(configurationBody['customization.reports.header']); } } @@ -216,16 +271,19 @@ describe('[endpoint] PUT /utils/configuration', () => { .set('x-test-username', USER_NAME) .send(reportBody) .expect(200); - const fileName = responseReport.body?.message.match(/([A-Z-0-9]*\.pdf)/gi)[0]; + const fileName = + responseReport.body?.message.match(/([A-Z-0-9]*\.pdf)/gi)[0]; const userPath = md5(USER_NAME); const reportPath = `${WAZUH_DATA_DOWNLOADS_REPORTS_DIRECTORY_PATH}/${userPath}/${fileName}`; const PDFbuffer = fs.readFileSync(reportPath); const PDFcontent = PDFbuffer.toString('utf8'); - const content = PDFcontent - .replace(/\[<[a-z0-9].+> <[a-z0-9].+>\]/gi, '') - .replace(/(obj\n\(D:[0-9].+Z\)\nendobj)/gi, ''); + const content = PDFcontent.replace( + /\[<[a-z0-9].+> <[a-z0-9].+>\]/gi, + '', + ).replace(/(obj\n\(D:[0-9].+Z\)\nendobj)/gi, ''); const PDFmd5 = md5(content); expect(PDFmd5).toBe(expectedMD5); - }); + }, + ); }); From 5e210ed6acdea01d7d36959921e036f57d181e26 Mon Sep 17 00:00:00 2001 From: Tostti Date: Wed, 9 Aug 2023 17:59:08 -0300 Subject: [PATCH 09/10] Change md5 in test --- server/routes/wazuh-reporting.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/routes/wazuh-reporting.test.ts b/server/routes/wazuh-reporting.test.ts index f809a5c6cc..d3af56becb 100644 --- a/server/routes/wazuh-reporting.test.ts +++ b/server/routes/wazuh-reporting.test.ts @@ -207,7 +207,7 @@ describe('[endpoint] PUT /utils/configuration', () => { footer | header | responseStatusCode | expectedMD5 | tab ${null} | ${null} | ${200} | ${'a261be6b2e5fb18bb7434ee46a01e174'} | ${'pm'} ${'Custom\nFooter'} | ${'info@company.com\nFake Avenue 123'} | ${200} | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'} - ${''} | ${''} | ${200} | ${'8e8fbd90e08b810f700fcafbfdcdf638'} | ${'fim'} + ${''} | ${''} | ${200} | ${'0f43c9a8c864963940803851dd810f7b'} | ${'fim'} ${'Custom Footer'} | ${null} | ${200} | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'} ${null} | ${'Custom Header'} | ${200} | ${'4a55136aaf8b5f6b544a03fe46917552'} | ${'gcp'} `( From 8000f1c053ed4f397ed840cbba94ec6eca53c619 Mon Sep 17 00:00:00 2001 From: Tostti Date: Wed, 9 Aug 2023 18:12:28 -0300 Subject: [PATCH 10/10] Change md5 in test --- server/routes/wazuh-reporting.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/routes/wazuh-reporting.test.ts b/server/routes/wazuh-reporting.test.ts index d3af56becb..f809a5c6cc 100644 --- a/server/routes/wazuh-reporting.test.ts +++ b/server/routes/wazuh-reporting.test.ts @@ -207,7 +207,7 @@ describe('[endpoint] PUT /utils/configuration', () => { footer | header | responseStatusCode | expectedMD5 | tab ${null} | ${null} | ${200} | ${'a261be6b2e5fb18bb7434ee46a01e174'} | ${'pm'} ${'Custom\nFooter'} | ${'info@company.com\nFake Avenue 123'} | ${200} | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'} - ${''} | ${''} | ${200} | ${'0f43c9a8c864963940803851dd810f7b'} | ${'fim'} + ${''} | ${''} | ${200} | ${'8e8fbd90e08b810f700fcafbfdcdf638'} | ${'fim'} ${'Custom Footer'} | ${null} | ${200} | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'} ${null} | ${'Custom Header'} | ${200} | ${'4a55136aaf8b5f6b544a03fe46917552'} | ${'gcp'} `(