From 0c017b86b66bb404d29fa29556c22605a22b4888 Mon Sep 17 00:00:00 2001 From: Antonio <34042064+Desvelao@users.noreply.github.com> Date: Fri, 13 Dec 2024 16:11:06 +0100 Subject: [PATCH] Merge 4.10.0 into 4.10.1 (#143) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (#1832) (#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f376d235d651f76552d9bdd12840ebd329) * Add required ml permissions to support new roles (#1838) (#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf8cb6c11074ebdcd2dbea4604b0654decf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- Signed-off-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com> Signed-off-by: Álex Ruiz Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com> Co-authored-by: Sicheng Song Co-authored-by: Álex Ruiz Co-authored-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com> Co-authored-by: Federico Rodriguez Co-authored-by: yenienserrano * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/github-app-token@v2.1.0 for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- Signed-off-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com> Signed-off-by: Álex Ruiz Co-authored-by: Tostti Co-authored-by: Nicolas Agustin Guevara Pihen <42900763+Tostti@users.noreply.github.com> Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com> Co-authored-by: Sicheng Song Co-authored-by: Álex Ruiz Co-authored-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com> Co-authored-by: Federico Rodriguez Co-authored-by: yenienserrano * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * fix: conflict * fix: typo --------- Signed-off-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com> Signed-off-by: Álex Ruiz Co-authored-by: Federico Rodriguez Co-authored-by: Nicolas Agustin Guevara Pihen <42900763+Tostti@users.noreply.github.com> Co-authored-by: Guido Modarelli <38738725+guidomodarelli@users.noreply.github.com> Co-authored-by: Tostti Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com> Co-authored-by: Sicheng Song Co-authored-by: Álex Ruiz Co-authored-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com> Co-authored-by: yenienserrano --- .github/actions/run-cypress-tests/action.yml | 9 +++++---- .github/workflows/auto-release.yml | 9 ++++++--- .github/workflows/backport.yml | 9 ++++++--- .github/workflows/codeql.yml | 2 +- .github/workflows/cypress-test-multiauth-e2e.yml | 2 +- .../cypress-test-multidatasources-disabled-e2e.yml | 2 +- .../cypress-test-multidatasources-enabled-e2e.yml | 4 ++-- .github/workflows/cypress-test-oidc-e2e.yml | 2 +- .github/workflows/cypress-test-saml-e2e.yml | 2 +- .github/workflows/cypress-test-tenancy-disabled.yml | 9 +++++---- .github/workflows/cypress-test.yml | 9 +++++---- .github/workflows/dev-environment.yml | 12 +++++++----- .github/workflows/integration-test.yml | 9 +++++---- .github/workflows/unit-test.yml | 2 +- .github/workflows/verify-binary-installation.yml | 6 +++--- 15 files changed, 50 insertions(+), 38 deletions(-) diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index d77adf5a2..c2d80588c 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -20,8 +20,9 @@ runs: using: "composite" steps: - name: Set up JDK - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: + distribution: 'temurin' java-version: 11 - name: Set env @@ -41,7 +42,7 @@ runs: download-location: ${{ env.PLUGIN_NAME }} - name: Run Opensearch with A Single Plugin - uses: derek-ho/start-opensearch@v2 + uses: derek-ho/start-opensearch@v6 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/opensearch-security.zip" @@ -51,7 +52,7 @@ runs: # OSD bootstrap - name: Run Dashboard with Security Dashboards Plugin - uses: derek-ho/setup-opensearch-dashboards@v1 + uses: derek-ho/setup-opensearch-dashboards@v3 with: plugin_name: security-dashboards-plugin opensearch_dashboards_yml: ${{ inputs.dashboards_config_file }} @@ -98,7 +99,7 @@ runs: shell: bash - name: Run Cypress Tests with retry - uses: Wandalen/wretry.action@v3.3.0 + uses: Wandalen/wretry.action@v3 with: attempt_limit: 5 attempt_delay: 2000 diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml index 61518c10f..82a0f4d9d 100644 --- a/.github/workflows/auto-release.yml +++ b/.github/workflows/auto-release.yml @@ -14,15 +14,18 @@ jobs: steps: - name: GitHub App token id: github_app_token - uses: tibdex/github-app-token@v1.5.0 + uses: tibdex/github-app-token@v2.1.0 with: app_id: ${{ secrets.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - installation_id: 22958780 + # https://github.com/tibdex/github-app-token/releases/tag/v2.0.0 + # https://github.com/tibdex/github-app-token/compare/v1.5.0...v2.1.0#diff-1243c5424efaaa19bd8e813c5e6f6da46316e63761421b3e5f5c8ced9a36e6b6R11-R30 + installation_retrieval_mode: id + installation_retrieval_payload: 22958780 - name: Get tag id: tag uses: dawidd6/action-get-tag@v1 - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - uses: ncipollo/release-action@v1 with: github_token: ${{ steps.github_app_token.outputs.token }} diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index e47d8d88c..7fcf78ea4 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -15,14 +15,17 @@ jobs: steps: - name: GitHub App token id: github_app_token - uses: tibdex/github-app-token@v1.5.0 + uses: tibdex/github-app-token@v2.1.0 with: app_id: ${{ secrets.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - installation_id: 22958780 + # https://github.com/tibdex/github-app-token/releases/tag/v2.0.0 + # https://github.com/tibdex/github-app-token/compare/v1.5.0...v2.1.0#diff-1243c5424efaaa19bd8e813c5e6f6da46316e63761421b3e5f5c8ced9a36e6b6R11-R30 + installation_retrieval_mode: id + installation_retrieval_payload: 22958780 - name: Backport - uses: VachaShah/backport@v1.1.4 + uses: VachaShah/backport@v2 with: github_token: ${{ steps.github_app_token.outputs.token }} branch_name: backport/backport-${{ github.event.number }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 092c298a3..8c7e91460 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/cypress-test-multiauth-e2e.yml b/.github/workflows/cypress-test-multiauth-e2e.yml index bb7985f9b..fb6d72074 100644 --- a/.github/workflows/cypress-test-multiauth-e2e.yml +++ b/.github/workflows/cypress-test-multiauth-e2e.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Add SAML Configuration - name: Injecting SAML Configuration for Linux diff --git a/.github/workflows/cypress-test-multidatasources-disabled-e2e.yml b/.github/workflows/cypress-test-multidatasources-disabled-e2e.yml index e41de5fab..17381a999 100644 --- a/.github/workflows/cypress-test-multidatasources-disabled-e2e.yml +++ b/.github/workflows/cypress-test-multidatasources-disabled-e2e.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Configure the Dashboard for multi datasources disabled (default) - name: Create OpenSearch Dashboards Config diff --git a/.github/workflows/cypress-test-multidatasources-enabled-e2e.yml b/.github/workflows/cypress-test-multidatasources-enabled-e2e.yml index 162941cf1..8ec05496e 100644 --- a/.github/workflows/cypress-test-multidatasources-enabled-e2e.yml +++ b/.github/workflows/cypress-test-multidatasources-enabled-e2e.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set env run: | @@ -67,7 +67,7 @@ jobs: download-location: ${{env.PLUGIN_NAME}} - name: Run Opensearch with A Single Plugin - uses: derek-ho/start-opensearch@v4 + uses: derek-ho/start-opensearch@v6 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/opensearch-security.zip" diff --git a/.github/workflows/cypress-test-oidc-e2e.yml b/.github/workflows/cypress-test-oidc-e2e.yml index d02b3f8a9..6d6f622ed 100644 --- a/.github/workflows/cypress-test-oidc-e2e.yml +++ b/.github/workflows/cypress-test-oidc-e2e.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Download and Check Keycloak Version - name: Download and Check Keyloak Version on Linux diff --git a/.github/workflows/cypress-test-saml-e2e.yml b/.github/workflows/cypress-test-saml-e2e.yml index 292cb2fe3..0f09d0c42 100644 --- a/.github/workflows/cypress-test-saml-e2e.yml +++ b/.github/workflows/cypress-test-saml-e2e.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Add SAML Configuration - name: Create SAML Configuration for Linux diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index 18389e703..6cdb7472e 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -23,12 +23,13 @@ jobs: steps: - name: Set up JDK - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: + distribution: 'temurin' java-version: 11 - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set env run: | @@ -47,7 +48,7 @@ jobs: download-location: ${{ env.PLUGIN_NAME }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@v2 + uses: derek-ho/start-opensearch@v6 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip' @@ -70,7 +71,7 @@ jobs: EOT - name: Run Dashboard with Security Dashboards Plugin - uses: derek-ho/setup-opensearch-dashboards@v1 + uses: derek-ho/setup-opensearch-dashboards@v3 with: plugin_name: security-dashboards-plugin app_reference: ${{ vars.WZD_REF }} diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index 408cb9962..218e716d0 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -23,12 +23,13 @@ jobs: steps: - name: Set up JDK - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: + distribution: 'temurin' java-version: 11 - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set env run: | @@ -47,7 +48,7 @@ jobs: download-location: ${{ env.PLUGIN_NAME }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@v2 + uses: derek-ho/start-opensearch@v6 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip' @@ -72,7 +73,7 @@ jobs: EOT - name: Run Dashboard with Security Dashboards Plugin - uses: derek-ho/setup-opensearch-dashboards@v1 + uses: derek-ho/setup-opensearch-dashboards@v3 with: plugin_name: security-dashboards-plugin app_reference: ${{ vars.WZD_REF }} diff --git a/.github/workflows/dev-environment.yml b/.github/workflows/dev-environment.yml index 7bcec2419..411bf800d 100644 --- a/.github/workflows/dev-environment.yml +++ b/.github/workflows/dev-environment.yml @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Step 01 - Download the plugin's source code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: repository: wazuh/wazuh-security-dashboards-plugin ref: ${{ inputs.reference }} @@ -75,17 +75,19 @@ jobs: yarn config set registry https://registry.yarnpkg.com; cd /home/node/kbn/plugins/wazuh-security-plugin && yarn && ${{ inputs.command }}; ' - - name: Get the plugin version + - name: Get the plugin version and format reference name run: | + echo "githubReference=$(echo ${{ inputs.reference }} | sed 's/\//-/g')" >> $GITHUB_ENV echo "version=$(jq -r '.wazuh.version' $(pwd)/wazuh-security-plugin/package.json)" >> $GITHUB_ENV echo "revision=$(jq -r '.wazuh.revision' $(pwd)/wazuh-security-plugin/package.json)" >> $GITHUB_ENV - name: Step 04 - Upload artifact to GitHub if: ${{ inputs.artifact_name && inputs.artifact_path }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: - name: ${{ inputs.artifact_name }}_${{ env.version }}-${{ env.revision }}_${{ inputs.reference }}.zip + name: ${{ inputs.artifact_name }}_${{ env.version }}-${{ env.revision }}_${{ env.githubReference }}.zip path: ${{ inputs.artifact_path }} + overwrite: true - name: Step 05 - Upload coverage results to GitHub if: ${{ inputs.notify_jest_coverage_summary && github.event_name == 'pull_request' }} @@ -93,4 +95,4 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} path: ./wazuh-security-plugin/target/test-coverage/coverage-summary.json - title: "Code coverage (Jest)" \ No newline at end of file + title: 'Code coverage (Jest)' diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 7b5a646b8..bf03c72d2 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -19,11 +19,12 @@ jobs: steps: - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up JDK - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: + distribution: 'temurin' java-version: 11 - name: Set env @@ -69,7 +70,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with A Single Plugin Remote Cluster - uses: derek-ho/start-opensearch@v4 + uses: derek-ho/start-opensearch@v6 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/opensearch-security-${{ env.OPENSEARCH_VERSION }}.zip" @@ -84,7 +85,7 @@ jobs: shell: bash - name: Run Opensearch with security - uses: derek-ho/start-opensearch@v2 + uses: derek-ho/start-opensearch@v6 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip' diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index bd104510c..ec0eaf1d3 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -17,7 +17,7 @@ jobs: # run: git config --system core.longpaths true - name: Checkout Branch - uses: actions/checkout@v2 + uses: actions/checkout@v4 - id: install-dashboards uses: derek-ho/setup-opensearch-dashboards@v3 diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 7718b690e..5827e4605 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -20,7 +20,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout Branch - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set env run: | @@ -39,7 +39,7 @@ jobs: download-location: ${{ env.PLUGIN_NAME }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@v2 + uses: derek-ho/start-opensearch@v6 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" @@ -67,7 +67,7 @@ jobs: - name: Run Dashboard with Security Dashboards Plugin id: setup-dashboards - uses: derek-ho/setup-opensearch-dashboards@v2 + uses: derek-ho/setup-opensearch-dashboards@v3 with: plugin_name: security-dashboards-plugin built_plugin_name: security-dashboards