PR Tests in Github Action

.github/configure/action.yml

@@ -0,0 +1,18 @@
+runs:
+ using: "composite"
+ steps:
+ - name: Configure puppet server
+ shell: bash
+ run: |
+ echo "[main]" | sudo tee -a /etc/puppetlabs/puppet/puppet.conf > /dev/null
+ echo "server = "$HOSTNAME | sudo tee -a /etc/puppetlabs/puppet/puppet.conf > /dev/null
+ echo "dns_alt_names = "$HOSTNAME | sudo tee -a /etc/puppetlabs/puppet/puppet.conf > /dev/null
+ sudo echo "127.0.0.1 puppet" | sudo tee -a /etc/hosts > /dev/null
+ sudo cat /etc/puppetlabs/puppet/puppet.conf
+
+ - name: Start Puppet Server
+ shell: bash
+ run: |
+ sudo systemctl start puppetserver
+ sudo systemctl enable puppetserver
+ sudo systemctl status puppetserver

.github/debian_install/action.yml

@@ -0,0 +1,18 @@
+runs:
+ using: "composite"
+ steps:
+ - name: Install dependencies
+ shell: bash
+ run: |
+ sudo apt-get update
+ sudo apt-get install curl apt-transport-https lsb-release wget
+
+ - name: Download and Install Puppet server
+ shell: bash
+ run: |
+ wget https://apt.puppet.com/puppet7-release-focal.deb
+ sudo dpkg -i puppet7-release-focal.deb
+ sudo apt-get update
+ sudo apt-get install -y puppetserver
+ sudo ln -s /opt/puppetlabs/bin/puppet /bin
+ sudo ln -s /opt/puppetlabs/server/bin/puppetserver /bin

.github/install_stack/action.yml

@@ -0,0 +1,16 @@
+runs:
+ using: "composite"
+ steps:
+ - name: Create manifest for install Wazuh stack
+ shell: bash
+ run: |
+ hostname=$(sudo puppetserver ca list --all | awk '{if(NR>1)print $1;}'| sed 's/[.]$//')
+ sudo echo "127.0.0.1 "$hostname | sudo tee -a /etc/hosts > /dev/null
+ sudo echo "node "\"$hostname\"" {" | sudo tee -a /etc/puppetlabs/code/environments/production/manifests/stack.pp > /dev/null
+ sudo echo "class {'wazuh::manager':} -> class {'wazuh::indexer':} -> class {'wazuh::filebeat_oss':} -> class {'wazuh::dashboard':}" | sudo tee -a /etc/puppetlabs/code/environments/production/manifests/stack.pp > /dev/null
+ sudo echo "}" | sudo tee -a /etc/puppetlabs/code/environments/production/manifests/stack.pp > /dev/null
+ sudo cat /etc/puppetlabs/code/environments/production/manifests/stack.pp
+
+ - name: Install Wazuh Stack
+ shell: bash
+ run: sudo bash -c 'puppet agent -tod || test $? -eq 2'

.github/tests/action.yml

@@ -0,0 +1,112 @@
+runs:
+ using: "composite"
+ steps:
+ - name: Wait for start Wazuh Cluster
+ shell: bash
+ run: sleep 120
+
+ - name: Check Wazuh indexer start
+ shell: bash
+ run: |
+ status_green="`curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:admin -k -s | grep green | wc -l`"
+ if [[ $status_green -eq 1 ]]; then
+ curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:admin -k -s
+ else
+ curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:admin -k -s
+ exit 1
+ fi
+ status_index="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:admin -k -s | wc -l`"
+ status_index_green="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:admin -k -s | grep "green" | wc -l`"
+ if [[ $status_index_green -eq $status_index ]]; then
+ curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:admin -k -s
+ else
+ curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:admin -k -s
+ exit 1
+ fi
+
+ - name: Check Wazuh indexer nodes
+ shell: bash
+ run: |
+ nodes="`curl -XGET "https://0.0.0.0:9200/_cat/nodes" -u admin:admin -k -s | wc -l`"
+ if [[ $nodes -eq 1 ]]; then
+ echo "Wazuh indexer nodes: ${nodes}"
+ else
+ echo "Wazuh indexer nodes: ${nodes}"
+ exit 1
+ fi
+
+ - name: Check documents into wazuh-alerts index
+ shell: bash
+ run: |
+ docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:admin -k -s | jq -r ".count"`"
+ if [[ $docs -gt 100 ]]; then
+ echo "wazuh-alerts index documents: ${docs}"
+ else
+ echo "wazuh-alerts index documents: ${docs}"
+ exit 1
+ fi
+
+ - name: Check Wazuh templates
+ shell: bash
+ run: |
+ qty_templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:admin -k -s | grep -P "wazuh|wazuh-agent|wazuh-statistics" | wc -l`"
+ templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:admin -k -s | grep -P "wazuh|wazuh-agent|wazuh-statistics"`"
+ if [[ $qty_templates -eq 3 ]]; then
+ echo "wazuh templates:"
+ echo "${templates}"
+ else
+ echo "wazuh templates:"
+ echo "${templates}"
+ exit 1
+ fi
+
+ - name: Check Wazuh manager start
+ shell: bash
+ run: |
+ services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`"
+ if [[ $services -gt 9 ]]; then
+ echo "Wazuh Manager Services: ${services}"
+ echo "OK"
+ else
+ echo "Wazuh indexer nodes: ${nodes}"
+ curl -k -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items
+ exit 1
+ fi
+ env:
+ TOKEN: $(curl -s -u wazuh-wui:wazuh-wui -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")
+
+ - name: Check Wazuh dashboard service URL
+ shell: bash
+ run: |
+ status=$(curl -XGET --silent https://0.0.0.0:443/app/status -k -u admin:admin -I -s | grep -E "^HTTP" | awk '{print $2}')
+ if [[ $status -eq 200 ]]; then
+ echo "Wazuh dashboard status: ${status}"
+ else
+ echo "Wazuh dashboard status: ${status}"
+ exit 1
+ fi
+
+ - name: Check Errors in ossec.log
+ shell: bash
+ run: |
+ log=$(sudo awk 'BEGIN{IGNORECASE=1} /ERROR|CRITICAL/' /var/ossec/logs/ossec.log)
+ if [[ -z "$log" ]]; then
+ echo "No errors in ossec.log"
+ else
+ echo "Errors in ossec.log:"
+ echo "${log}"
+ exit 1
+ fi
+
+ - name: Check Errors from filebeat
+ shell: bash
+ run: |
+ filebeatout=$(sudo filebeat test output)
+ filebeatstatus=$(echo "${filebeatout}" | grep -c OK)
+ if [[ filebeatstatus -eq 7 ]]; then
+ echo "No errors in filebeat"
+ else
+ echo "Errors in filebeat"
+ echo "${filebeatout}"
+ exit 1
+ fi