Merge pull request #23212 from wazuh/merge-4.9.0-into-master

Merge 4.9.0 into master

.github/actions/vulnerability_scanner/content_generation/action.yml

@@ -10,7 +10,7 @@ inputs:
   config_path:
     required: true
     description: "Path to the configuration file"
-    default: src/wazuh_modules/vulnerability_scanner/testtool/scanner/config.json
+    default: src/wazuh_modules/vulnerability_scanner/testtool/scanner/config.content_generation.json
 
   indexer_template_path:
     required: true

.github/actions/vulnerability_scanner_deps/action.yml

@@ -18,6 +18,12 @@ runs:
           # Update packages
           sudo apt-get update
           sudo apt-get install -y cmake
+      
+      - name: General dependencies
+        shell: bash
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libc6-dbg
 
       - name: Build external deps
         run: |

.github/workflows/integration-tests-analysisd-tier-0-1.yml

@@ -72,9 +72,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-analysisd-tier-2.yml

@@ -61,9 +61,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-api-tier-0-1.yml

@@ -68,9 +68,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-api-tier-2.yml

@@ -61,9 +61,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-execd-tier-0-1-lin.yml

@@ -70,9 +70,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-execd-tier-0-1-win.yml

@@ -87,9 +87,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install qa-integration-framework
         run: |
-          if (git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_NAME) {
+          if (git ls-remote https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_NAME) {
               $QA_BRANCH = $env:BRANCH_NAME
-          } elseif (git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_BASE) {
+          } elseif (git ls-remote https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_BASE) {
               $QA_BRANCH = $env:BRANCH_BASE
           } else {
               $QA_BRANCH = "main"

.github/workflows/integration-tests-fim-tier-0-1-macos.yml

@@ -0,0 +1,87 @@
+name: Integration tests for fim on MacOS - Tier 0 and 1
+
+on:
+  workflow_dispatch:
+    inputs:
+      base_branch:
+        description: 'Base branch'
+        required: true
+        default: 'main'
+  pull_request:
+    paths:
+        - ".github/workflows/integration-tests-fim-tier-0-1-macos.yml"
+        - "src/config/syscheck-config.c"
+        - "src/config/syscheck-config.h"
+        - "src/syscheckd/**"
+        - "src/Makefile"
+        - "tests/integration/conftest.py"
+        - "tests/integration/test_fim/**"
+
+jobs:
+  build:
+    env:
+      BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
+      BRANCH_BASE: ${{ github.base_ref || inputs.base_branch }}
+    runs-on: macos-13
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v3
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version-file: ".github/workflows/.python-version-it"
+          architecture: x64
+      # Build wazuh agent for macOS.
+      - name: Build wazuh agent for macOS
+        run: |
+          make deps -C src TARGET=agent -j2
+          make -C src TARGET=agent -j2
+      # Install wazuh agent for macOS.
+      - name: Install wazuh agent for macOS
+        run: |
+            echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_INSTALL_TYPE="agent"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo "USER_DIR=/Library/Ossec" >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_ENABLE_EMAIL="n"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_ENABLE_SYSCHECK="n"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_ENABLE_ROOTCHECK="n"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_ENABLE_OPENSCAP="n"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_WHITE_LIST="n"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_ENABLE_SYSLOG="n"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_ENABLE_AUTHD="n"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_AUTO_START="y"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            echo 'USER_AGENT_SERVER_IP="127.0.0.1"' >> ./etc/preloaded-vars.conf
+            echo "" >> ./etc/preloaded-vars.conf
+            sudo sh install.sh
+            rm ./etc/preloaded-vars.conf
+      # Download and install integration tests framework.
+      - name: Download and install integration tests framework
+        run: |
+          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+              QA_BRANCH=${BRANCH_NAME}
+          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+              QA_BRANCH=${BRANCH_BASE}
+          else
+              QA_BRANCH="main"
+          fi
+          git clone -b ${QA_BRANCH} --single-branch https://github.com/wazuh/qa-integration-framework.git
+          sudo pip install qa-integration-framework/
+          sudo rm -rf qa-integration-framework/
+      # Run fim integration tests.
+      - name: Run fim integration tests
+        run: |
+          cd tests/integration
+          sudo python -m pytest --tier 0 --tier 1 test_fim/

.github/workflows/integration-tests-github-tier-0-1-lin.yml

@@ -70,9 +70,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-github-tier-0-1-win.yml

@@ -87,9 +87,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install qa-integration-framework
         run: |
-          if (git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_NAME) {
+          if (git ls-remote https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_NAME) {
               $QA_BRANCH = $env:BRANCH_NAME
-          } elseif (git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_BASE) {
+          } elseif (git ls-remote https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_BASE) {
               $QA_BRANCH = $env:BRANCH_BASE
           } else {
               $QA_BRANCH = "main"

.github/workflows/integration-tests-logcollector-tier-0-1-macos.yml

@@ -22,7 +22,7 @@ jobs:
     env:
       BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
       BRANCH_BASE: ${{ github.base_ref || inputs.base_branch }}
-    runs-on: macos-latest
+    runs-on: macos-13
     steps:
       - name: Checkout Repo
         uses: actions/checkout@v3

.github/workflows/integration-tests-msgraph-tier-0-1-lin.yml

@@ -80,9 +80,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-office365-tier-0-1-lin.yml

@@ -70,9 +70,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-office365-tier-0-1-win.yml

@@ -87,9 +87,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install qa-integration-framework
         run: |
-          if (git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_NAME) {
+          if (git ls-remote https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_NAME) {
               $QA_BRANCH = $env:BRANCH_NAME
-          } elseif (git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_BASE) {
+          } elseif (git ls-remote https://github.com/wazuh/qa-integration-framework.git $env:BRANCH_BASE) {
               $QA_BRANCH = $env:BRANCH_BASE
           } else {
               $QA_BRANCH = "main"

.github/workflows/integration-tests-rbac-tier-0-1.yml

@@ -68,9 +68,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-vulnerability_detector-tier-0-1.yml

@@ -70,9 +70,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/integration-tests-vulnerability_detector-tier-2.yml

@@ -61,9 +61,9 @@ jobs:
       # Download and install integration tests framework.
       - name: Download and install integration tests framework
         run: |
-          if [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
+          if [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_NAME}`" != "X" ]; then
               QA_BRANCH=${BRANCH_NAME}
-          elif [ "X`git ls-remote --heads https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
+          elif [ "X`git ls-remote https://github.com/wazuh/qa-integration-framework.git ${BRANCH_BASE}`" != "X" ]; then
               QA_BRANCH=${BRANCH_BASE}
           else
               QA_BRANCH="main"

.github/workflows/scan-build.yml

@@ -63,7 +63,7 @@ jobs:
         run: exit 1
 
   scan-build-macos-agent:
-    runs-on: macos-latest
+    runs-on: macos-13
     steps:
       - uses: actions/checkout@v3
       - name: Install dependencies

.github/workflows/vulnerability-scanner-generate-database.yml

@@ -21,7 +21,7 @@ on:
 
 jobs:
   vulnerability_scanner_database_scheduled_update:
-    if: ${{ github.event_name == 'pull_request' || github.event_name == 'schedule' }}
+    if: github.event_name == 'schedule'
 
     runs-on: ubuntu-latest
 
@@ -54,8 +54,6 @@ jobs:
       ########################
       - name: Compile
         uses: ./.github/actions/vulnerability_scanner/compile
-        with:
-          wazuh_version: ${{ matrix.wazuh_version }}
 
       ########################
       # Content generation   #
@@ -82,6 +80,40 @@ jobs:
           AWS_DEFAULT_REGION: 'us-west-1'
         shell: bash
 
+  vulnerability_scanner_database_workflow_changes:
+    if: github.event_name == 'pull_request'
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+          # Idenentifiers of the generated content. The generated files will be named vd_1.0.0_vd_<wazuh_version>.tar.xz
+          wazuh_version: ["4.8.0"]
+
+    steps:
+      # Checkout to the branch
+      - name: Checkout to branch
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+          fetch-depth: 0
+          ref: ${{ matrix.wazuh_version }}
+
+      ########################
+      # Compilation          #
+      ########################
+      - name: Compile
+        uses: ./.github/actions/vulnerability_scanner/compile
+
+      ########################
+      # Content generation   #
+      ########################
+      - name: Generate vulnerability database
+        uses: ./.github/actions/vulnerability_scanner/content_generation
+        with:
+          wazuh_version: "pull_request"
+
   vulnerability_scanner_database_manual_update:
       if: ${{ github.event_name == 'workflow_dispatch' }}
 
@@ -99,8 +131,6 @@ jobs:
         ########################
         - name: Compile
           uses: ./.github/actions/vulnerability_scanner/compile
-          with:
-            wazuh_version: ${{ inputs.wazuh_version }}
 
         ########################
         # Content generation   #

.github/workflows/vulnerability-scanner-tests.yml

@@ -18,7 +18,7 @@ on:
 
 jobs:
   style-and-documentation:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     steps:
       - name: Checkout repository
@@ -132,7 +132,7 @@ jobs:
 
   vulnerability-scanner-modules:
     needs: style-and-documentation
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     steps:
       - name: Checkout repository
@@ -200,7 +200,7 @@ jobs:
 
     strategy:
       matrix:
-        os: [ ubuntu-latest, ubuntu-20.04 ]
+        os: [ ubuntu-22.04, ubuntu-20.04 ]
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout repository
@@ -244,7 +244,7 @@ jobs:
           asan: "true"
 
   vulnerability-scanner-modules-qa:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout repository
         uses: actions/checkout@v3