Fix manager_agent environment #4808

Deblintrake09 · 2024-01-04T14:58:11Z

Related issue
#4295

Description

This PR aims to fix the manager_agent environment used in System Tests so that it installs the tested version in agent3 endpoint.

Updated

manager_agent/vars/configurations.yml file to parametrize agent3 package version.
manager_agent/playbook.yml file to specify each agent user.

Testing performed

Create environment 🟢

Build environment

# ansible-playbook -i inventory.yml destroy.yml --extra-vars='{"package_repository":"packages", "repository": "4.x", "package_version": "4.7.1", "package_revision": "1"}'
[DEPRECATION WARNING]: DEFAULT_GATHER_TIMEOUT option, the module_defaults keyword is a more generic version and can apply to all calls to the M(ansible.builtin.gather_facts) or M(ansible.builtin.setup) actions, use module_defaults instead. This feature will be removed from ansible-core in version 
2.18. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

PLAY [localhost] *******************************************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [docker_container] ************************************************************************************************************************************************************************************************************************************************************************************
changed: [localhost]

TASK [docker_container] ************************************************************************************************************************************************************************************************************************************************************************************
changed: [localhost] => (item=1)
changed: [localhost] => (item=2)
changed: [localhost] => (item=3)

PLAY RECAP *************************************************************************************************************************************************************************************************************************************************************************************************
localhost                  : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

root@pop-os:/home/qa/wazuh-qa/tests/system/provisioning/manager_agent# ansible-playbook -i inventory.yml playbook.yml --extra-vars='{"package_repository":"packages", "repository": "4.x", "package_version": "4.7.1", "package_revision": "1"}'
[DEPRECATION WARNING]: DEFAULT_GATHER_TIMEOUT option, the module_defaults keyword is a more generic version and can apply to all calls to the M(ansible.builtin.gather_facts) or M(ansible.builtin.setup) actions, use module_defaults instead. This feature will be removed from ansible-core in version 
2.18. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

PLAY [Create our container (Manager)] **********************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Create a network] ************************************************************************************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [docker_container] ************************************************************************************************************************************************************************************************************************************************************************************
changed: [localhost]

PLAY [Create our container (Agent1)] ***********************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [docker_container] ************************************************************************************************************************************************************************************************************************************************************************************
changed: [localhost]

PLAY [Create our container (Agent2)] ***********************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [docker_container] ************************************************************************************************************************************************************************************************************************************************************************************
changed: [localhost]

PLAY [Create our container (Agent3)] ***********************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [docker_container] ************************************************************************************************************************************************************************************************************************************************************************************
changed: [localhost]

PLAY [Wazuh Manager] ***************************************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [wazuh-manager]

TASK [roles/manager-role : Check and update debian repositories] *******************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Installing dependencies using apt] **********************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Get manager package] ************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Install manager package] ********************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Copy ossec.conf file] ***********************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Set cluster key] ****************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Set Wazuh Manager IP] ***********************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Stop Wazuh] *********************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Remove client.keys] *************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : enable execd debug mode] ********************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Register agents] ****************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

TASK [roles/manager-role : Start Wazuh] ********************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-manager]

PLAY [Wazuh Agent1] ****************************************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [wazuh-agent1]

TASK [roles/agent-role : Check and update debian repositories] *********************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Installing dependencies using apt] ************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Create log source] ****************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Download package] *****************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Install agent] ********************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Copy ossec.conf file] *************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : enable execd debug mode] **********************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Remove client.keys] ***************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Register agents] ******************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Set Wazuh Manager IP] *************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

TASK [roles/agent-role : Restart Wazuh] ********************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent1]

PLAY [Wazuh Agent2] ****************************************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [wazuh-agent2]

TASK [roles/agent-role : Check and update debian repositories] *********************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Installing dependencies using apt] ************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Create log source] ****************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Download package] *****************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Install agent] ********************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Copy ossec.conf file] *************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : enable execd debug mode] **********************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Remove client.keys] ***************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Register agents] ******************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Set Wazuh Manager IP] *************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

TASK [roles/agent-role : Restart Wazuh] ********************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent2]

PLAY [Wazuh Agent3] ****************************************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************
ok: [wazuh-agent3]

TASK [roles/agent-role : Check and update debian repositories] *********************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Installing dependencies using apt] ************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Create log source] ****************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Download package] *****************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Install agent] ********************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Copy ossec.conf file] *************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : enable execd debug mode] **********************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Remove client.keys] ***************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Register agents] ******************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Set Wazuh Manager IP] *************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

TASK [roles/agent-role : Restart Wazuh] ********************************************************************************************************************************************************************************************************************************************************************
changed: [wazuh-agent3]

PLAY RECAP *************************************************************************************************************************************************************************************************************************************************************************************************
localhost                  : ok=9    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
wazuh-agent1               : ok=12   changed=11   unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
wazuh-agent2               : ok=12   changed=11   unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
wazuh-agent3               : ok=12   changed=11   unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
wazuh-manager              : ok=13   changed=12   unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Check Agent status and version on manager

# docker ps
CONTAINER ID   IMAGE                       COMMAND          CREATED         STATUS         PORTS     NAMES
fbb82eb549d7   dontpanicat/debian:buster   "/panic/entry"   4 minutes ago   Up 4 minutes             wazuh-agent3
44d2dba95d34   dontpanicat/debian:buster   "/panic/entry"   4 minutes ago   Up 4 minutes             wazuh-agent2
a9cc1fd1d09a   dontpanicat/debian:buster   "/panic/entry"   4 minutes ago   Up 4 minutes             wazuh-agent1
65955716594a   dontpanicat/debian:buster   "/panic/entry"   4 minutes ago   Up 4 minutes             wazuh-manager

# docker exec -it 65955716594a /bin/bash
# /var/ossec/bin/agent_control -l

Wazuh agent_control. List of available agents:
   ID: 000, Name: wazuh-manager (server), IP: 127.0.0.1, Active/Local
   ID: 001, Name: wazuh-agent1, IP: any, Active
   ID: 002, Name: wazuh-agent2, IP: any, Active
   ID: 003, Name: wazuh-agent3, IP: any, Active

List of agentless devices:

# /var/ossec/bin/agent_control -i 001

Wazuh agent_control. Agent information:
   Agent ID:   001
   Agent Name: wazuh-agent1
   IP address: any
   Status:     Active

   Operating system:    Linux |wazuh-agent1 |6.6.6-76060606-generic |#202312111032~1702306143~22.04~d28ffec SMP PREEMPT_DYNAMIC Mon D |x86_64
   Client version:      Wazuh v4.1.5
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    0bdbd7cf0acf754f8e3d4953a705e4e2
   Last keep alive:     1704369916

   Syscheck last started at:  Thu Jan  4 13:02:27 2024
   Syscheck last ended at:    Thu Jan  4 13:02:28 2024



root@wazuh-manager: ~# /var/ossec/bin/agent_control -i 002

Wazuh agent_control. Agent information:
   Agent ID:   002
   Agent Name: wazuh-agent2
   IP address: any
   Status:     Active

   Operating system:    Linux |wazuh-agent2 |6.6.6-76060606-generic |#202312111032~1702306143~22.04~d28ffec SMP PREEMPT_DYNAMIC Mon D |x86_64
   Client version:      Wazuh v4.2.2
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    0bdbd7cf0acf754f8e3d4953a705e4e2
   Last keep alive:     1704369925

   Syscheck last started at:  Thu Jan  4 13:02:56 2024
   Syscheck last ended at:    Thu Jan  4 13:02:56 2024

root@wazuh-manager: ~# /var/ossec/bin/agent_control -i 003

Wazuh agent_control. Agent information:
   Agent ID:   003
   Agent Name: wazuh-agent3
   IP address: any
   Status:     Active

   Operating system:    Linux |wazuh-agent3 |6.6.6-76060606-generic |#202312111032~1702306143~22.04~d28ffec SMP PREEMPT_DYNAMIC Mon D |x86_64
   Client version:      Wazuh v4.7.1
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    0bdbd7cf0acf754f8e3d4953a705e4e2
   Last keep alive:     1704369920

   Syscheck last started at:  Thu Jan  4 13:03:31 2024
   Syscheck last ended at:    Thu Jan  4 13:03:31 2024

Check agent1 file permissions and status

# docker exec -it a9cc1fd1d09a /bin/bash

root@wazuh-agent1: ~# ls -la  /var/ossec/etc/     
total 48
drwxrwx---  3 ossec ossec  4096 Jan  4 13:02 .
drwxr-x--- 15 root  ossec  4096 Jan  4 13:02 ..
-rw-rw-r--  1 ossec root     86 Jan  4 13:02 client.keys
-rw-r-----  1 root  ossec 13202 Apr 22  2021 internal_options.conf
-rw-r-----  1 root  ossec   392 Jan  4 13:02 local_internal_options.conf
-rw-r-----  1 root  ossec  2237 Apr 27  2020 localtime
lrwxrwxrwx  1 root  root     20 Apr 22  2021 ossec-init.conf -> /etc/ossec-init.conf
-rw-rw-r--  1 ossec ossec  2439 Jan  4 13:02 ossec.conf
drwxrwx---  2 root  ossec  4096 Jan  4 13:02 shared
-rw-r-----  1 root  ossec  1229 Apr 22  2021 wpk_root.pem

root@wazuh-agent1: ~# /var/ossec/bin/ossec-control status
wazuh-modulesd is running...
ossec-logcollector is running...
ossec-syscheckd is running...
ossec-agentd is running...
ossec-execd is running...

Check agent2 file permissions and status


# docker exec -it  44d2dba95d34 /bin/bash

root@wazuh-agent2: ~# ls /var/ossec/etc/ -la             
total 48
drwxrwx---  3 ossec ossec  4096 Jan  4 13:02 .
drwxr-x--- 15 root  ossec  4096 Jan  4 13:02 ..
-rw-rw-r--  1 ossec root     86 Jan  4 13:02 client.keys
-rw-r-----  1 root  ossec 13348 Sep 24  2021 internal_options.conf
-rw-r-----  1 root  ossec   392 Jan  4 13:02 local_internal_options.conf
-rw-r-----  1 root  ossec  2237 Apr 27  2020 localtime
-rw-rw-r--  1 ossec ossec  2439 Jan  4 13:02 ossec.conf
drwxrwx---  2 root  ossec  4096 Jan  4 13:02 shared
-rw-r-----  1 root  ossec  1229 Sep 24  2021 wpk_root.pem

root@wazuh-agent2: ~# /var/ossec/bin/wazuh-control status
wazuh-modulesd is running...
wazuh-logcollector is running...
wazuh-syscheckd is running...
wazuh-agentd is running...

Check agent3 file permissions and status

# docker exec -it fbb82eb549d7 /bin/bash

root@wazuh-agent3: ~# ls -la /var/ossec/etc/
total 48
drwxrwx---  3 wazuh wazuh  4096 Jan  4 13:03 .
drwxr-x--- 15 root  wazuh  4096 Jan  4 13:03 ..
-rw-rw-r--  1 root  root     86 Jan  4 13:03 client.keys
-rw-r-----  1 root  wazuh 14163 Dec 15 20:47 internal_options.conf
-rw-r-----  1 root  wazuh   392 Jan  4 13:03 local_internal_options.conf
-rw-r-----  1 root  wazuh  2237 Apr 27  2020 localtime
-rw-rw-r--  1 root  wazuh  2439 Jan  4 13:03 ossec.conf
drwxrwx---  2 root  wazuh  4096 Jan  4 13:03 shared
-rw-r-----  1 root  wazuh  1367 Dec 15 20:47 wpk_root.pem

root@wazuh-agent3: ~# /var/ossec/bin/wazuh-control status
wazuh-modulesd is running...
wazuh-logcollector is running...
wazuh-syscheckd is running...
wazuh-agentd is running...
wazuh-execd is running...

Launch tests 🟢

Execute tests


# python3 -m pytest test_active_response_log_format.py -vv
=========================================================================================================================================== test session starts ============================================================================================================================================
platform linux -- Python 3.10.12, pytest-7.1.2, pluggy-1.3.0 -- /usr/bin/python3
cachedir: .pytest_cache
metadata: {'Python': '3.10.12', 'Platform': 'Linux-6.6.6-76060606-generic-x86_64-with-glibc2.35', 'Packages': {'pytest': '7.1.2', 'pluggy': '1.3.0'}, 'Plugins': {'html': '3.1.1', 'testinfra': '5.0.0', 'metadata': '3.0.0'}}
rootdir: /home/qa/wazuh-qa/tests/system, configfile: pytest.ini
plugins: html-3.1.1, testinfra-5.0.0, metadata-3.0.0
collected 3 items                                                                                                                                                                                                                                                                                          

test_active_response_log_format.py::test_active_response_log_format[wazuh-agent1-data/messages_415_or_lower.yml] PASSED                                                                                                                                                                              [ 33%]
test_active_response_log_format.py::test_active_response_log_format[wazuh-agent2-data/messages_420_to_424.yml] PASSED                                                                                                                                                                                [ 66%]
test_active_response_log_format.py::test_active_response_log_format[wazuh-agent3-data/messages_425_or_greater.yml] PASSED                                                                                                                                                                            [100%]

====================================================================================================================================== 3 passed in 102.66s (0:01:42) =======================================================================================================================================

pro-akim

Review Notes

GJ. Some changes should be done.

pro-akim · 2024-01-05T11:09:12Z

tests/system/provisioning/manager_agent/vars/configurations.yml

 agent3_id: "003"
 agent3_hostname: "wazuh-agent3"
 agent3_key: "3333333333333333333333333333333333333333333333333333333333333333"
-agent3_package: "https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-agent/wazuh-agent_4.2.5-1_amd64.deb"
+agent3_package: "https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-agent/wazuh-agent_{{package_version}}-{{package_revision}}_amd64.deb"


The problem with this structure is that most of system test are executed using packages from packages-dev.com/pre-elease.

Example:
If ansible is executed using:

ansible-playbook -i inventory.yml playbook.yml --extra-vars='{"package_repository":"packages-dev", "repository": "pre-release", "package_version": "4.8.0", "package_revision": "1"}'

The provision of agent-3 will fail because the package in the URL will not exist:

TASK [roles/agent-role : Create log source] ***************************************************************************************************************************** changed: [wazuh-agent3] TASK [roles/agent-role : Download package] ****************************************************************************************************************************** fatal: [wazuh-agent3]: FAILED! => changed=false dest: /tmp/wazuh-agent.deb elapsed: 0 msg: Request failed response: 'HTTP Error 404: Not Found' status_code: 404 url: https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-agent/wazuh-agent_4.8.0-1_amd64.deb PLAY RECAP ************************************************************************************************************************************************************** localhost : ok=9 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-agent1 : ok=12 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-agent2 : ok=12 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-agent3 : ok=4 changed=3 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=13 changed=12 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

Fixed in 9c8de59

pro-akim

Review Notes

LGTM

Deblintrake09 added 3 commits January 4, 2024 10:48

fix: change user in agent role tasks

77a8a2b

fix: change agent user for files

d170b6d

fix: parametrize agent3 package

7954adb

Deblintrake09 self-assigned this Jan 4, 2024

Deblintrake09 changed the title ~~Enhancement/4295 fix manager agent environment~~ Fix manager_agent environment Jan 4, 2024

Deblintrake09 linked an issue Jan 4, 2024 that may be closed by this pull request

Agent installation fails for manager_agent role #4295

Closed

1 task

pro-akim requested changes Jan 5, 2024

View reviewed changes

Add package_repository to agent3 in configurations.yml

9c8de59

Deblintrake09 requested a review from pro-akim January 5, 2024 11:18

fix: add repository for agent3 package url

6be11bf

pro-akim approved these changes Jan 5, 2024

View reviewed changes

davidjiglesias merged commit 709e1cd into 4.8.1 Jan 10, 2024
2 of 4 checks passed

davidjiglesias deleted the enhancement/4295-fix-manager-agent-environment branch January 10, 2024 09:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix manager_agent environment #4808

Fix manager_agent environment #4808

Deblintrake09 commented Jan 4, 2024 •

edited

Loading

pro-akim left a comment

pro-akim Jan 5, 2024

Deblintrake09 Jan 5, 2024

pro-akim left a comment

Fix manager_agent environment #4808

Fix manager_agent environment #4808

Conversation

Deblintrake09 commented Jan 4, 2024 • edited Loading

Description

Updated

Testing performed

pro-akim left a comment

Choose a reason for hiding this comment

Review Notes

pro-akim Jan 5, 2024

Choose a reason for hiding this comment

Deblintrake09 Jan 5, 2024

Choose a reason for hiding this comment

pro-akim left a comment

Choose a reason for hiding this comment

Review Notes

Deblintrake09 commented Jan 4, 2024 •

edited

Loading