Using Molecule for Wazuh Manager

[dj-wasabi]

This PR contains the following change(s):

• Configured Molecule to run a default installation on the already configured Operating Systems. Currently this PR only contains the installation of the Wazuh Manager. Other roles will be done in different PR's (So the PR's won't be that huge);

I was able to run a molecule test (almost) without any issues. (Occasionally this task wazuh/ansible-wazuh-manager : CDB Lists fails, so have to take a look at it.)

Some things are still todo and thus this this PR is still Work In Progress:

• Addition of Testinfra test;
• idempotence check fails during molecule test, have to take a look for that;
• Retries of the packages installation, which is suggested by Ansible (Could also be a separate PR if needed)
• I started with the idea that there was one scenario that was doing everything, but noticed a comment in an issue (Which makes more sense to do it with multiple scenarios), so some things like the molecule.yml and playbook.yml should be changed as well (As in removal of the group, use the previous names for the containers.)

As I made some changes, please take a look. Will remove the [WIP] prefix when I think I'm ready, but don't hesitate to make any comment(s) on this PR. 😄

[manuasir]

Fantastic work @dj-wasabi! Thank you.

[manuasir]

Regarding the 4th check of the description, it's absolutely great if we follow the first idea of having one single scenario and do the design according to it. If you say that it would be less messy, it was the original purpose and this PR is based on it, let's do it 👍 it's still hugely helpful.

[dj-wasabi]

Hi @manuasir

I did some thinking about the scenarios and in the end, and I think it helps to have multiple scenarios. Currently the default contains the checks to make sure the validation of the installation of Wazuh Manager on the platforms.

The "2nd" scenario can be executed by starting a single Wazuh Manager (Let say CentOS 7) and the containers for the Wazuh Agents. With this, we can validate if the Agents can be installed properly and also see if they register them self correctly on the Manager. (This is what I did with my Ossec Agent role, so would say this works with Wazuh as well. 😄 )

A 3rd scenario can be created that verifies the installation of the "(b)ELK" related roles.

Doing this, each scenario would spinup 5 or 6 containers to do the installation/validation of the roles, which looks more resource friendly when there is one scenario that has 10 containers running (Wazuh Manager and a Wazuh Agent). Also a bit easier to manager when you want to support other operating systems that should be tested/validated with Molecule. (My 2 cents)

[dj-wasabi]

I added a few tests, it verifies the following:

• Manager and API packages are installed;
• Manager and API services are enabled;
• A few files that should be on the system with the proper owner and mode;

I can add some more files where needed, but didn't want to add everything yet as this would increase the duration a lot. I'm not sure if you have ideas about duration of tests. But we can always add more tests.

Due to a bug in the status command, the Testinfra test can not verify yet if the services are running as the command provided an exit code != 0. When that is fixed, then we can remove the commented lines.

[dj-wasabi]

@manuasir Thanks!

Will create some new PR's for the test of the roles. Should these also be merged into v3.9.0?

[manuasir]

Correct, @dj-wasabi . In principle we're going to merge new features/test to the upcoming 3.9 branch.

Thank you.