Added molecule test for the Wazuh Agent

.travis.yml

@@ -4,4 +4,5 @@ before_script:
   - pip install pipenv
   - pipenv install --dev --system
 script:
-  - pipenv run test
+  - pipenv run test
+  - pipenv run agent

Pipfile

@@ -15,3 +15,4 @@ python_version = "2.7"
 
 [scripts]
 test ="molecule test"
+agent ="molecule test -s wazuh-agent"

README.md

@@ -53,6 +53,7 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack.
 pip install pipenv
 sudo pipenv install
 pipenv run test
+pipenv run agent
 ```
 
 ## Contribute

molecule/default/molecule.yml

@@ -5,28 +5,28 @@ driver:
   name: docker
 lint:
   name: yamllint
-  enabled: false # fix in seperate PR
+  enabled: false
 platforms:
   - name: bionic
     image: ubuntu:bionic
   - name: xenial
     image: solita/ubuntu-systemd:xenial
-    privileged: True
+    privileged: true
     command: /sbin/init
   - name: trusty
     image: ubuntu:trusty
   - name: centos6
     image: centos:6
   - name: centos7
     image: milcom/centos7-systemd
-    privileged: True
+    privileged: true
 provisioner:
   name: ansible
   env:
     ANSIBLE_ROLES_PATH: ../../roles
   lint:
     name: ansible-lint
-    enabled: true # fix in seperate PR
+    enabled: true
 scenario:
   name: default
   test_sequence:

molecule/default/playbook.yml

@@ -4,9 +4,8 @@
   roles:
     - role: wazuh/ansible-wazuh-manager
 
-
-    # - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP'
-    # Elasticsearch requires too much memory to test multiple containers concurrently - To Fix
-    #- {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'}
-    #- {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'}
-    #- {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'}
+# - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP'
+# Elasticsearch requires too much memory to test multiple containers concurrently - To Fix
+# - {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'}
+# - {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'}
+# - {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'}

molecule/default/prepare.yml

@@ -1,7 +1,7 @@
 ---
 - name: Prepare
   hosts: all
-  gather_facts: True
+  gather_facts: true
   tasks:
 
     - name: "Install Python packages for Trusty to solve trust issues"

molecule/wazuh-agent/Dockerfile.j2

@@ -0,0 +1,14 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
+    elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \
+    elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+    elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \
+    elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+    elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi

molecule/wazuh-agent/INSTALL.rst

@@ -0,0 +1,22 @@
+*******
+Docker driver installation guide
+*******
+
+Requirements
+============
+
+* Docker Engine
+
+Install
+=======
+
+Please refer to the `Virtual environment`_ documentation for installation best
+practices. If not using a virtual environment, please consider passing the
+widely recommended `'--user' flag`_ when invoking ``pip``.
+
+.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
+.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
+
+.. code-block:: bash
+
+    $ pip install 'molecule[docker]'

molecule/wazuh-agent/molecule.yml

@@ -0,0 +1,82 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: docker
+lint:
+  name: yamllint
+platforms:
+  - name: wazuh_server_centos7
+    image: milcom/centos7-systemd
+    networks:
+      - name: wazuh
+    privileged: true
+    groups:
+      - manager
+  - name: wazuh_agent_bionic
+    image: ubuntu:bionic
+    networks:
+      - name: wazuh
+    groups:
+      - agent
+  - name: wazuh_agent_xenial
+    image: solita/ubuntu-systemd:xenial
+    privileged: true
+    command: /sbin/init
+    networks:
+      - name: wazuh
+    groups:
+      - agent
+  - name: wazuh_agent_trusty
+    image: ubuntu:trusty
+    networks:
+      - name: wazuh
+    groups:
+      - agent
+  - name: wazuh_agent_centos6
+    image: centos:6
+    networks:
+      - name: wazuh
+    groups:
+      - agent
+  - name: wazuh_agent_centos7
+    image: milcom/centos7-systemd
+    privileged: true
+    networks:
+      - name: wazuh
+    groups:
+      - agent
+provisioner:
+  name: ansible
+  playbooks:
+    docker:
+      create: ../default/create.yml
+      destroy: ../default/destroy.yml
+  env:
+    ANSIBLE_ROLES_PATH: ../../roles
+  inventory:
+    group_vars:
+      agent:
+        api_pass: password
+        wazuh_managers:
+          - address: "{{ wazuh_manager_ip }}"
+            port: 1514
+            protocol: tcp
+            api_port: 55000
+            api_proto: 'http'
+            api_user: null
+        wazuh_agent_authd:
+          enable: true
+          port: 1515
+          ssl_agent_ca: null
+          ssl_agent_cert: null
+          ssl_agent_key: null
+          ssl_auto_negotiate: 'no'
+
+  lint:
+    name: ansible-lint
+    enabled: true
+verifier:
+  name: testinfra
+  lint:
+    name: flake8

molecule/wazuh-agent/playbook.yml

@@ -0,0 +1,20 @@
+---
+- name: Converge
+  hosts: agent
+  pre_tasks:
+    - name: "Get ip Wazuh Manager"
+      shell: |
+        set -o pipefail
+        grep $(hostname) /etc/hosts | awk '{print $1}' | sort | head -n 2 | tail -n 1
+      register: wazuh_manager_ip_stdout
+      changed_when: false
+      delegate_to: wazuh_server_centos7
+      args:
+        executable: /bin/bash
+
+    - name: "Set fact for ip address"
+      set_fact:
+        wazuh_manager_ip: "{{ wazuh_manager_ip_stdout.stdout }}"
+
+  roles:
+    - role: wazuh/ansible-wazuh-agent

molecule/wazuh-agent/prepare.yml

@@ -0,0 +1,43 @@
+---
+- name: Prepare
+  hosts: manager
+  gather_facts: true
+  tasks:
+
+    - name: "Install dependencies"
+      package:
+        name:
+          - curl
+          - net-tools
+        state: latest
+      register: wazuh_manager_dependencies_packages_installed
+      until: wazuh_manager_dependencies_packages_installed is succeeded
+
+  roles:
+    - role: wazuh/ansible-wazuh-manager
+
+- name: Prepare
+  hosts: agent
+  gather_facts: true
+  tasks:
+
+    - name: "Install Python packages for Trusty to solve trust issues"
+      package:
+        name:
+          - python-setuptools
+          - python-pip
+        state: latest
+      register: wazuh_manager_trusty_packages_installed
+      until: wazuh_manager_trusty_packages_installed is succeeded
+      when:
+        - ansible_distribution == "Ubuntu"
+        - ansible_distribution_major_version | int == 14
+
+    - name: "Install dependencies"
+      package:
+        name:
+          - curl
+          - net-tools
+        state: latest
+      register: wazuh_agent_dependencies_packages_installed
+      until: wazuh_agent_dependencies_packages_installed is succeeded

molecule/wazuh-agent/tests/test_agents.py

@@ -0,0 +1,23 @@
+import os
+import pytest
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('agent')
+
+
+def test_ossec_package_installed(Package):
+    ossec = Package('wazuh-agent')
+    assert ossec.is_installed
+
+
+@pytest.mark.parametrize("wazuh_service, wazuh_owner", (
+        ("ossec-agentd", "ossec"),
+        ("ossec-execd", "root"),
+        ("ossec-syscheckd", "root"),
+        ("wazuh-modulesd", "root"),
+))
+def test_wazuh_processes_running(host, wazuh_service, wazuh_owner):
+    master = host.process.get(user=wazuh_owner, comm=wazuh_service)
+    assert master.args == "/var/ossec/bin/" + wazuh_service

molecule/wazuh-agent/tests/test_manager.py

@@ -0,0 +1,15 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('manager')
+
+
+def test_agents_registered_on_manager(host):
+    cmd = host.run("/var/ossec/bin/manage_agents -l")
+    assert 'wazuh_agent_bionic' in cmd.stdout
+    assert 'wazuh_agent_xenial' in cmd.stdout
+    assert 'wazuh_agent_trusty' in cmd.stdout
+    assert 'wazuh_agent_centos6' in cmd.stdout
+    assert 'wazuh_agent_centos7' in cmd.stdout

playbooks/wazuh-agent.yml

@@ -1,3 +1,4 @@
+---
 - hosts: <your wazuh agents hosts>
   roles:
     - /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-agent

playbooks/wazuh-elastic.yml

@@ -1,3 +1,4 @@
+---
 - hosts: <your elasticsearch host>
   roles:
     - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'your elasticsearch IP'}

playbooks/wazuh-elastic_stack-distributed.yml

@@ -1,3 +1,4 @@
+---
 - hosts: <your wazuh server host>
   roles:
     - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager

playbooks/wazuh-elastic_stack-single.yml

@@ -1,3 +1,4 @@
+---
 - hosts: <your single server host>
   roles:
       - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager}

playbooks/wazuh-kibana.yml

@@ -1,3 +1,4 @@
+---
 - hosts: <your kibana host>
   roles:
     - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'your elasticsearch IP'}

playbooks/wazuh-logstash.yml

@@ -1,3 +1,4 @@
+---
 - hosts: <your logstash host>
   roles:
     - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: ["localhost"]}

playbooks/wazuh-manager.yml

@@ -1,3 +1,4 @@
+---
 - hosts: <your wazuh server host>
   roles:
     - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager

roles/ansible-galaxy/meta/main.yml

@@ -5,7 +5,7 @@ dependencies: []
 galaxy_info:
   author: Wazuh
   categories:
-  - monitoring
+    - monitoring
   company: wazuh.com
   description: Installing, deploying and configuring Wazuh Manager.
   galaxy_tags:
@@ -15,15 +15,15 @@ galaxy_info:
   license: license (GPLv3)
   min_ansible_version: 2.0
   platforms:
-  - name: Debian
-    versions:
-    - all
-  - name: EL
-    versions:
-    - all
-  - name: Fedora
-    versions:
-    - all
-  - name: Ubuntu
-    versions:
-    - all
+    - name: Debian
+      versions:
+        - all
+    - name: EL
+      versions:
+        - all
+    - name: Fedora
+      versions:
+        - all
+    - name: Ubuntu
+      versions:
+        - all

roles/elastic-stack/ansible-elasticsearch/defaults/main.yml

@@ -7,4 +7,4 @@ elasticsearch_jvm_xms: null
 elastic_stack_version: 6.7.1
 elasticsearch_shards: 5
 elasticsearch_replicas: 1
-elasticsearch_install_java: yes
+elasticsearch_install_java: true