Merge 4.10.0 into 4.10.1 (#143)

* Bump revision (#116)

* chore: bump 4.10.0 rev 03 (#123)

* Bump revision 04 (#133)

* Update the actions' version (#131)

* Support Wazuh 5.0.0

* Merge 4.9.1 into 4.10.0 (#102) (#121)

* 2.13 release notes (opensearch-project#1832) (opensearch-project#1837)

* 2.13 release notes



* Fix style and package



* Fix style and package



* Fix link



---------


(cherry picked from commit 7c8058f)



* Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844)

* Add required ml permissions to support new roles



* Add ml permissions



* Remove internal ml action permissions



* Add back internal ml action permissions



---------


(cherry picked from commit f0cd1cf)



* Add compatibility with OpenSearch 2.11.0 (#31)

* Bump version Security Dashboards Plugin 2.9.0.0 (#21)

* Upgrade to version 2.8.0 of Security Dashboards Plugin (#20)

* Patch actions and workflows. Skip integration tests that fail (#4)

* Change plugin name in actions and workflows

* Patch install-dashboards action

* Change jest config path

* Skip tests

---------




* Change Wazuh logo and titles (#3)

* Change Wazuh logo and titles

* Don't force custom logo to have 100% width

* Add comment

* Fix lint

* Fix prettier

* Update snapshots

---------





* Disable tenant popup (#5)



* Replace readme (#16)

* Replace readme

* Replace Opensearch to Wazuh

* Update README.md



---------



* Add GitHub workflow for automated build  (#15)

* Manual build

* Workflow for automated build

* Update .github/workflows/dev-environment.yml



---------




* Create codeql.yml



* Revert changes in cypress-test.yml

* Revert changes in integration-test.yml

* Fix integration test

* Fix cypress test tenancy disabled

---------







* Skip overview page test

* Skip test for issue

* Skip test for issue

---------







* Fix home image and lint

* Fix lint

* Fix snapshot

* Fix integration test

* Revert selector

---------







* Update of the GitHub actions to create the packages (#33)

* Update Build manual Github action

* Add wazuh version in package.json

* Update package.json



---------



* Change order of security in left menu (#36)

* Change order of security in left menu

* Fix cypress test

* Fix repository tests (#46)

* Initial commit

* Removed Windows and Mac tests

* Fix oidc test

* Fix SAML test

* Bump 4.9.0 to revision 01 (#56)

* chore: bump 4.9.0 revision 02 (#64)

* Bump revision 03 (#74)

* chore: bump to 4.9.1 revision 00 (#76)

* Update the security policy (#95)

* change: update the security policy

* fix: security policy

* Update repository security policy (#97)

* chore(bump): revision 4.9.1 01 (#99)

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Co-authored-by: Stephen Crawford <[email protected]>
Co-authored-by: Sicheng Song <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Ian Yenien Serrano <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: yenienserrano <[email protected]>

* Update all workflows to use actions/checkout@v4 for improved compatibility and performance

* Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance

* Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions

* Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions

* Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality

* Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality

* Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries

* Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes

* Update Wazuh version to 4.10.0 with revision 03

* Update Wazuh revision to "00" in package.json

* Fix missing newline at end of package.json file

* Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email

* Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Tostti <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Co-authored-by: Stephen Crawford <[email protected]>
Co-authored-by: Sicheng Song <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Ian Yenien Serrano <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: yenienserrano <[email protected]>

* chore: bump 4.10.0 rev 05 (#137)

* Apply reference name change (#138)

* chore(bump): 4.10.0 rev 06 (#141)

* fix: conflict

* fix: typo

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Guido Modarelli <[email protected]>
Co-authored-by: Tostti <[email protected]>
Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Co-authored-by: Stephen Crawford <[email protected]>
Co-authored-by: Sicheng Song <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Ian Yenien Serrano <[email protected]>
Co-authored-by: yenienserrano <[email protected]>

.github/actions/run-cypress-tests/action.yml

@@ -20,8 +20,9 @@ runs:
   using: "composite"
   steps:
     - name: Set up JDK
-      uses: actions/setup-java@v1
+      uses: actions/setup-java@v4
       with:
+        distribution: 'temurin'
         java-version: 11
 
     - name: Set env
@@ -41,7 +42,7 @@ runs:
         download-location: ${{ env.PLUGIN_NAME }}
 
     - name: Run Opensearch with A Single Plugin
-      uses: derek-ho/start-opensearch@v2
+      uses: derek-ho/start-opensearch@v6
       with:
         opensearch-version: ${{ env.OPENSEARCH_VERSION }}
         plugins: "file:$(pwd)/opensearch-security.zip"
@@ -51,7 +52,7 @@ runs:
 
     # OSD bootstrap
     - name: Run Dashboard with Security Dashboards Plugin
-      uses: derek-ho/setup-opensearch-dashboards@v1
+      uses: derek-ho/setup-opensearch-dashboards@v3
       with:
         plugin_name: security-dashboards-plugin
         opensearch_dashboards_yml: ${{ inputs.dashboards_config_file }}
@@ -98,7 +99,7 @@ runs:
       shell: bash
 
     - name: Run Cypress Tests with retry
-      uses: Wandalen/wretry.action@v3.3.0
+      uses: Wandalen/wretry.action@v3
       with:
         attempt_limit: 5
         attempt_delay: 2000

.github/workflows/auto-release.yml

@@ -14,15 +14,18 @@ jobs:
     steps:
       - name: GitHub App token
         id: github_app_token
-        uses: tibdex/github-app-token@v1.5.0
+        uses: tibdex/github-app-token@v2.1.0
         with:
           app_id: ${{ secrets.APP_ID }}
           private_key: ${{ secrets.APP_PRIVATE_KEY }}
-          installation_id: 22958780
+          # https://github.com/tibdex/github-app-token/releases/tag/v2.0.0
+          # https://github.com/tibdex/github-app-token/compare/v1.5.0...v2.1.0#diff-1243c5424efaaa19bd8e813c5e6f6da46316e63761421b3e5f5c8ced9a36e6b6R11-R30
+          installation_retrieval_mode: id
+          installation_retrieval_payload: 22958780
       - name: Get tag
         id: tag
         uses: dawidd6/action-get-tag@v1
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - uses: ncipollo/release-action@v1
         with:
           github_token: ${{ steps.github_app_token.outputs.token }}

.github/workflows/backport.yml

@@ -15,14 +15,17 @@ jobs:
     steps:
       - name: GitHub App token
         id: github_app_token
-        uses: tibdex/github-app-token@v1.5.0
+        uses: tibdex/github-app-token@v2.1.0
         with:
           app_id: ${{ secrets.APP_ID }}
           private_key: ${{ secrets.APP_PRIVATE_KEY }}
-          installation_id: 22958780
+          # https://github.com/tibdex/github-app-token/releases/tag/v2.0.0
+          # https://github.com/tibdex/github-app-token/compare/v1.5.0...v2.1.0#diff-1243c5424efaaa19bd8e813c5e6f6da46316e63761421b3e5f5c8ced9a36e6b6R11-R30
+          installation_retrieval_mode: id
+          installation_retrieval_payload: 22958780
 
       - name: Backport
-        uses: VachaShah/backport@v1.1.4
+        uses: VachaShah/backport@v2
         with:
           github_token: ${{ steps.github_app_token.outputs.token }}
           branch_name: backport/backport-${{ github.event.number }}

.github/workflows/codeql.yml

@@ -41,7 +41,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/cypress-test-multiauth-e2e.yml

@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Add SAML Configuration
       - name: Injecting SAML Configuration for Linux

.github/workflows/cypress-test-multidatasources-disabled-e2e.yml

@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Configure the Dashboard for multi datasources disabled (default)
       - name: Create OpenSearch Dashboards Config

.github/workflows/cypress-test-multidatasources-enabled-e2e.yml

@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set env
         run: |
@@ -67,7 +67,7 @@ jobs:
           download-location: ${{env.PLUGIN_NAME}}
 
       - name: Run Opensearch with A Single Plugin
-        uses: derek-ho/start-opensearch@v4
+        uses: derek-ho/start-opensearch@v6
         with:
           opensearch-version: ${{ env.OPENSEARCH_VERSION }}
           plugins: "file:$(pwd)/opensearch-security.zip"

.github/workflows/cypress-test-oidc-e2e.yml

@@ -26,7 +26,7 @@ jobs:
 
     steps:
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Download and Check Keycloak Version
       - name: Download and Check Keyloak Version on Linux

.github/workflows/cypress-test-saml-e2e.yml

@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Add SAML Configuration
       - name: Create SAML Configuration for Linux

.github/workflows/cypress-test-tenancy-disabled.yml

@@ -23,12 +23,13 @@ jobs:
 
     steps:
       - name: Set up JDK
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v4
         with:
+          distribution: 'temurin'
           java-version: 11
 
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set env
         run: |
@@ -47,7 +48,7 @@ jobs:
           download-location: ${{ env.PLUGIN_NAME }}
 
       - name: Run Opensearch with security
-        uses: derek-ho/start-opensearch@v2
+        uses: derek-ho/start-opensearch@v6
         with:
           opensearch-version: ${{ env.OPENSEARCH_VERSION }}
           plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip'
@@ -70,7 +71,7 @@ jobs:
           EOT
 
       - name: Run Dashboard with Security Dashboards Plugin
-        uses: derek-ho/setup-opensearch-dashboards@v1
+        uses: derek-ho/setup-opensearch-dashboards@v3
         with:
           plugin_name: security-dashboards-plugin
           app_reference: ${{ vars.WZD_REF }}

.github/workflows/cypress-test.yml

@@ -23,12 +23,13 @@ jobs:
 
     steps:
       - name: Set up JDK
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v4
         with:
+          distribution: 'temurin'
           java-version: 11
 
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set env
         run: |
@@ -47,7 +48,7 @@ jobs:
           download-location: ${{ env.PLUGIN_NAME }}
 
       - name: Run Opensearch with security
-        uses: derek-ho/start-opensearch@v2
+        uses: derek-ho/start-opensearch@v6
         with:
           opensearch-version: ${{ env.OPENSEARCH_VERSION }}
           plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip'
@@ -72,7 +73,7 @@ jobs:
           EOT
 
       - name: Run Dashboard with Security Dashboards Plugin
-        uses: derek-ho/setup-opensearch-dashboards@v1
+        uses: derek-ho/setup-opensearch-dashboards@v3
         with:
           plugin_name: security-dashboards-plugin
           app_reference: ${{ vars.WZD_REF }}

.github/workflows/dev-environment.yml

@@ -47,7 +47,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Step 01 - Download the plugin's source code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           repository: wazuh/wazuh-security-dashboards-plugin
           ref: ${{ inputs.reference }}
@@ -75,22 +75,24 @@ jobs:
               yarn config set registry https://registry.yarnpkg.com;
               cd /home/node/kbn/plugins/wazuh-security-plugin && yarn && ${{ inputs.command }};
             '
-      - name: Get the plugin version
+      - name: Get the plugin version and format reference name
         run: |
+          echo "githubReference=$(echo ${{ inputs.reference }} | sed 's/\//-/g')" >> $GITHUB_ENV
           echo "version=$(jq -r '.wazuh.version' $(pwd)/wazuh-security-plugin/package.json)" >> $GITHUB_ENV
           echo "revision=$(jq -r '.wazuh.revision' $(pwd)/wazuh-security-plugin/package.json)" >> $GITHUB_ENV
 
       - name: Step 04 - Upload artifact to GitHub
         if: ${{ inputs.artifact_name && inputs.artifact_path }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
-          name: ${{ inputs.artifact_name }}_${{ env.version }}-${{ env.revision }}_${{ inputs.reference }}.zip
+          name: ${{ inputs.artifact_name }}_${{ env.version }}-${{ env.revision }}_${{ env.githubReference }}.zip
           path: ${{ inputs.artifact_path }}
+          overwrite: true
 
       - name: Step 05 - Upload coverage results to GitHub
         if: ${{ inputs.notify_jest_coverage_summary && github.event_name == 'pull_request' }}
         uses: AthleticNet/[email protected]
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           path: ./wazuh-security-plugin/target/test-coverage/coverage-summary.json
-          title: "Code coverage (Jest)"
+          title: 'Code coverage (Jest)'

.github/workflows/integration-test.yml

@@ -19,11 +19,12 @@ jobs:
 
     steps:
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up JDK
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v4
         with:
+          distribution: 'temurin'
           java-version: 11
 
       - name: Set env
@@ -69,7 +70,7 @@ jobs:
           plugin-version: ${{ env.PLUGIN_VERSION }}
 
       - name: Run Opensearch with A Single Plugin Remote Cluster
-        uses: derek-ho/start-opensearch@v4
+        uses: derek-ho/start-opensearch@v6
         with:
           opensearch-version: ${{ env.OPENSEARCH_VERSION }}
           plugins: "file:$(pwd)/opensearch-security-${{ env.OPENSEARCH_VERSION }}.zip"
@@ -84,7 +85,7 @@ jobs:
         shell: bash
 
       - name: Run Opensearch with security
-        uses: derek-ho/start-opensearch@v2
+        uses: derek-ho/start-opensearch@v6
         with:
           opensearch-version: ${{ env.OPENSEARCH_VERSION }}
           plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip'

.github/workflows/unit-test.yml

@@ -17,7 +17,7 @@ jobs:
       #   run: git config --system core.longpaths true
 
       - name: Checkout Branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - id: install-dashboards
         uses: derek-ho/setup-opensearch-dashboards@v3

.github/workflows/verify-binary-installation.yml

@@ -20,7 +20,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:  
       - name: Checkout Branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set env
         run: |
@@ -39,7 +39,7 @@ jobs:
           download-location: ${{ env.PLUGIN_NAME }}
 
       - name: Run Opensearch with security
-        uses: derek-ho/start-opensearch@v2
+        uses: derek-ho/start-opensearch@v6
         with:
           opensearch-version: ${{ env.OPENSEARCH_VERSION }}
           plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip"
@@ -67,7 +67,7 @@ jobs:
 
       - name: Run Dashboard with Security Dashboards Plugin
         id: setup-dashboards
-        uses: derek-ho/setup-opensearch-dashboards@v2
+        uses: derek-ho/setup-opensearch-dashboards@v3
         with:
           plugin_name: security-dashboards-plugin
           built_plugin_name: security-dashboards