enhancements(#4844): Adding playbooks for step by step installation

deployability/modules/testing/playbooks/certs_create.yml

@@ -0,0 +1,62 @@
+---
+- name: Download necessary files
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Download wazuh-certs-tool.sh
+      get_url:
+        url: https://packages.wazuh.com/4.7/wazuh-certs-tool.sh
+        dest: /home/vagrant/wazuh-certs-tool.sh
+
+    - name: Download config.yml
+      get_url:
+        url: https://packages.wazuh.com/4.7/config.yml
+        dest: /home/vagrant/config.yml
+
+- name: Replace values in config.yml
+  hosts: all
+  gather_facts: false
+  tasks:
+
+#    - name: Execute sed to comment out the dashboard line
+#      command: "sed -i '/^  dashboard:/s/^/  #/' /home/vagrant/config.yml"
+
+#    - name: Execute sed to comment out the - dashboard line
+#      command: "sed -i '/^    - name: dashboard/s/^/  #/' /home/vagrant/config.yml"
+
+#    - name: Execute sed to comment out the dashboard-node-ip line
+#      command: "sed -i '/^      ip: \"<dashboard-node-ip>\"/s/^/  #/' /home/vagrant/config.yml"
+
+    - name: Modify first occurrence of comment in node_type
+      command: "sed -i '0,/#  node_type: worker/s/#  node_type:/  node_type:/' /home/vagrant/config.yml"
+
+    - name: Modify first occurrence of comment in IP
+      command: "sed -i '0,/#  ip: \"<wazuh-manager-ip>\"/ s/#  ip: \"<wazuh-manager-ip>\"/     ip: \"<wazuh-manager-ip>\"/' /home/vagrant/config.yml"
+
+    - name: Modify comment for wazuh-2
+      command: "sed -i 's/^ *#- name: wazuh-2/    - name: wazuh-2/' /home/vagrant/config.yml"
+
+    - name: Modify first occurrence of "<wazuh-manager-ip>"
+      command: "sed -i '0,/<wazuh-manager-ip>/s//192.168.57.2/' /home/vagrant/config.yml"
+
+    - name: Modify first occurrence of "<wazuh-manager-ip>"
+      command: "sed -i '0,/<wazuh-manager-ip>/s//192.168.57.3/' /home/vagrant/config.yml"
+
+    - name: Modify first occurrence of "<indexer-node-ip>"
+      command: "sed -i '0,/<indexer-node-ip>/s//192.168.57.2/' /home/vagrant/config.yml"
+
+    - name: Modify first occurrence of "<dashboard-node-ip>"
+      command: "sed -i '0,/<dashboard-node-ip>/s//192.168.57.2/' /home/vagrant/config.yml"
+
+
+    - name: Execute wazuh-certs-tool.sh -A
+      command: bash /home/vagrant/wazuh-certs-tool.sh -A
+      become: true
+
+    - name: Package certificates into a tar file
+      command: tar -cvf /home/vagrant/wazuh-certificates.tar -C /home/vagrant/wazuh-certificates/ .
+      become: true
+
+    - name: Remove the wazuh-certificates directory
+      command: rm -rf /home/vagrant/wazuh-certificates
+      become: true

deployability/modules/testing/playbooks/install_wazuh_manager.yml

@@ -0,0 +1,135 @@
+- name: Install Wazuh Component
+  hosts: all
+  gather_facts: false
+  become: true
+  tasks:
+    {% if ansible_os_family == 'RedHat' %}
+    - name: Import Wazuh GPG key
+      command: rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
+
+    - name: Add Wazuh repository
+      shell: echo -e '[wazuh]\ngpgcheck=1\ngpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH\nenabled=1\nname=EL-$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1' | tee /etc/yum.repos.d/wazuh.repo
+
+    - name: Install Wazuh Manager
+      yum:
+        name: wazuh-manager
+        state: present
+        update_cache: yes
+        enablerepo: wazuh
+
+    - name: Reload systemd
+      systemd:
+        daemon_reload: yes
+
+    - name: Enable Wazuh Manager at boot
+      systemd:
+        name: wazuh-manager
+        enabled: yes
+
+    - name: Start Wazuh Manager
+      systemd:
+        name: wazuh-manager
+        state: started
+    {% endif %}
+
+    {% if ansible_os_family == 'Debian' %}
+    - name: Install prerequisites
+      apt:
+        name:
+          - gnupg
+          - apt-transport-https
+        state: present
+
+    - name: Import Wazuh GPG key
+      shell: curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg
+
+    - name: Add Wazuh repository
+      shell: echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
+
+    - name: Instalar Wazuh Manager
+      apt:
+        name: wazuh-manager
+        state: present
+        update_cache: yes
+
+    - name: Reload systemd
+      systemd:
+        daemon_reload: yes
+
+    - name: Enable Wazuh Manager at boot
+      systemd:
+        name: wazuh-manager
+        enabled: yes
+
+    - name: Start Wazuh Manager
+      systemd:
+        name: wazuh-manager
+        state: started
+    {% endif %}
+
+    {% if host == 'master' %}
+    - name: Reemplazar NODE_IP con la dirección IP
+      replace:
+        path: /var/ossec/etc/ossec.conf
+        regexp: '<node>NODE_IP</node>'
+        replace: '<node>192.168.57.2</node>'
+
+    - name: Reemplazar node_name
+      replace:
+        path: /var/ossec/etc/ossec.conf
+        regexp: '<node_name>node01</node_name>'
+        replace: '<node_name>wazuh-1</node_name>'
+
+    - name: Ejecutar comando sed para cambiar <disabled>yes</disabled> a <disabled>no</disabled> en ossec.conf
+      command: "sudo sed -i '/<cluster>/,/<\\/cluster>/ s/<disabled>yes<\\/disabled>/<disabled>no<\\/disabled>/' /var/ossec/etc/ossec.conf"
+
+    - name: Reemplazar node_name
+      replace:
+        path: /var/ossec/etc/ossec.conf
+        regexp: '<key></key>'
+        replace: '<key>7d9b3ac77bee4edccc56e64b81dec3ec</key>'
+    {% endif %}
+
+    {% if host == 'worker' %}
+    - name: Reemplazar node_name
+      replace:
+        path: /var/ossec/etc/ossec.conf
+        regexp: '<key></key>'
+        replace: '<key>7d9b3ac77bee4edccc56e64b81dec3ec</key>'
+
+    - name: Reemplazar NODE_IP con la dirección IP
+      replace:
+        path: /var/ossec/etc/ossec.conf
+        regexp: '<node>NODE_IP</node>'
+        replace: '<node>192.168.57.2</node>'
+
+    - name: Reemplazar NODE_IP con la dirección IP
+      replace:
+        path: /var/ossec/etc/ossec.conf
+        regexp: '<node_name>node01</node_name>'
+        replace: '<node_name>wazuh-2</node_name>'
+
+    - name: Ejecutar comando sed para cambiar <disabled>yes</disabled> a <disabled>no</disabled> en ossec.conf
+      command: "sudo sed -i '/<cluster>/,/<\\/cluster>/ s/<disabled>yes<\\/disabled>/<disabled>no<\\/disabled>/' /var/ossec/etc/ossec.conf"
+
+    - name: Reemplazar NODE_IP con la dirección IP
+      replace:
+        path: /var/ossec/etc/ossec.conf
+        regexp: '<node_type>master</node_type>'
+        replace: '<node_type>worker</node_type>'
+    {% endif %}
+
+    - name: Reiniciar Wazuh Manager
+      systemd:
+        name: wazuh-manager
+        state: restarted
+
+    {% if host == 'worker' %}
+    - name: Ejecutar cluster_control -l
+      command: /var/ossec/bin/cluster_control -l
+      register: cluster_output
+
+    - name: Mostrar salida del comando
+      debug:
+        var: cluster_output.stdout_lines
+    {% endif %}

deployability/modules/testing/playbooks/sshd_config.yml

@@ -0,0 +1,66 @@
+- name: Replace values in config.yml
+  hosts: all
+  gather_facts: false
+  become: true
+  tasks:
+    - name: Check if firewalld is installed
+      stat:
+        path: /usr/lib/systemd/system/firewalld.service
+      register: firewalld_installed
+
+    - debug:
+        var: firewalld_installed
+
+    - name: Stop firewalld
+      systemd:
+        name: firewalld
+        state: stopped
+      become: yes
+      when: firewalld_installed.stat.exists
+
+    - name: Disable firewalld at boot
+      systemd:
+        name: firewalld
+        enabled: no
+      become: yes
+      when: firewalld_installed.stat.exists
+
+
+    - name: Comprobar si es necesario realizar cambios
+      command: cat /etc/ssh/sshd_config
+      register: sshd_config_content
+
+    - name: Comentar las líneas en /etc/ssh/sshd_config
+      lineinfile:
+        path: /etc/ssh/sshd_config
+        regexp: '^PasswordAuthentication'
+        line: '#PasswordAuthentication no'
+      when: "'PasswordAuthentication no' in sshd_config_content.stdout"
+
+    - name: Comentar PermitRootLogin no
+      lineinfile:
+        path: /etc/ssh/sshd_config
+        regexp: '^PermitRootLogin no'
+        line: '#PermitRootLogin no'
+      when: "'PermitRootLogin no' in sshd_config_content.stdout"
+
+    - name: Comentar PermitRootLogin prohibit-password
+      lineinfile:
+        path: /etc/ssh/sshd_config
+        regexp: '^PermitRootLogin prohibit-password'
+        line: '#PermitRootLogin prohibit-password'
+      when: "'PermitRootLogin prohibit-password' in sshd_config_content.stdout"
+
+    - name: Agregar nuevas líneas al final del archivo
+      blockinfile:
+        path: /etc/ssh/sshd_config
+        marker: ""
+        block: |
+          PasswordAuthentication yes
+          PermitRootLogin yes
+      when: "'PasswordAuthentication no' in sshd_config_content.stdout or 'PermitRootLogin no' in sshd_config_content.stdout or 'PermitRootLogin prohibit-password' in sshd_config_content.stdout"
+
+    - name: Reiniciar el servicio SSH
+      systemd:
+        name: sshd
+        state: restarted

deployability/modules/testing/playbooks/sshd_share.yml

@@ -0,0 +1,14 @@
+- name: Replace values in config.yml
+  hosts: all
+  gather_facts: false
+  become: true
+  tasks:
+    - name: Instalar sshpass
+      become: yes
+      package:
+        name: sshpass
+        state: present
+
+    - name: Share certificates
+      become: yes
+      command: sshpass -p vagrant scp -o StrictHostKeyChecking=no /home/vagrant/wazuh-certificates.tar vagrant@192.168.57.3:/home/vagrant

deployability/modules/testing/playbooks/test.yml

@@ -2,6 +2,6 @@
   become: true
   tasks:
     - name: Test {{ test }} for {{ component }}
-      command: "pytest test_{{component}}/test_{{ test }}.py  -v --wazuh_version={{ wazuh_version }} --wazuh_revision={{ wazuh_revision }} --component={{ component }} --dependencies='{{ dependencies }}' --live={{ live }} --one_line={{ one_line }} -s"
+      command: "pytest test_{{component}}/test_{{ test }}.py  -v --wazuh_version={{ wazuh_version }} --component={{ component }} --dependencies='{{ dependencies }}'"
       args:
         chdir: "{{ working_dir }}"

deployability/modules/testing/playbooks/uninstall_wazuh_manager.yml

@@ -0,0 +1,12 @@
+---
+- name: Desinstalar y eliminar Wazuh
+  hosts: all
+  become: yes
+  tasks:
+    - name: Download install.sh
+      get_url:
+        url: https://packages.wazuh.com/4.7/wazuh-install.sh
+        dest: /home/vagrant/wazuh-install.sh
+
+    - name: Ejecutar comando de desinstalación
+      command: "sudo bash wazuh-install.sh --uninstall"

deployability/modules/testing/testing.py

@@ -11,7 +11,7 @@ class Tester:
     _playbooks_dir = Path(__file__).parent / 'playbooks'
     _setup_playbook = _playbooks_dir / 'setup.yml'
     _cleanup_playbook = _playbooks_dir / 'cleanup.yml'
-    _test_template = _playbooks_dir / 'test.yml'
+    _test_template = _playbooks_dir / 'install_wazuh_manager.yml'
 
     @classmethod
     def run(cls, payload: InputPayload) -> None:

deployability/modules/workflow_engine/examples/dtt1-managers-poc.yaml

@@ -0,0 +1,29 @@
+version: 0.1
+description: This workflow is used to test agents deployment por DDT1 PoC
+variables:
+  #agents-os:
+  #  - linux-ubuntu-22.04-amd64
+  manager-os: 
+    - linux-ubuntu-20.04-amd64
+    - linux-ubuntu-18.04-amd64
+  infra-provider: vagrant
+  working-dir: /tmp/dtt1-poc
+tasks:
+  # Unique manager allocate task
+  - task: "allocate-manager-{manager}"
+    description: "Allocate resources for the manager."
+    do:
+      this: process
+      with:
+        path: python3
+        args:
+          - modules/allocation/main.py
+          - action: create
+          - provider: "{infra-provider}"
+          - size: large
+          - composite-name: "{manager}"
+          - inventory-output: "{working-dir}/manager-{manager}/inventory.yaml"
+          - track-output: "{working-dir}/manager-{manager}/track.yaml"
+    foreach:
+      - variable: manager-os
+        as: manager