merge(#3278): Merge

CHANGELOG.md

@@ -2,14 +2,55 @@
 
 All notable changes to this project will be documented in this file.
 
-## [4.6.0] - TBD
+## [4.8.0] - TBD
 
 Wazuh commit: TBD \
 Release report: TBD
 
 ### Added
 
 - Add tests for merged.mg file generation. ([#3278](https://github.com/wazuh/wazuh-qa/pull/4129)) \- (Tests)
+- Added tests for checking agent status upon ungraceful closure.([#4146](https://github.com/wazuh/wazuh-qa/pull/4146)) \- (Tests)
+- Agent syncronization testing after group deleting ([#3953](https://github.com/wazuh/wazuh-qa/pull/4143)) \- (Tests)
+
+
+### Changed
+
+- Enable Ubuntu Vulnerability Detector E2E. ([#4252](https://github.com/wazuh/wazuh-qa/pull/4252)) \- (Tests)
+- Update _wazuh_db_ schema database version ([#4353](https://github.com/wazuh/wazuh-qa/pull/4353)) \- (Tests)
+- Update the JSON schema with the required fields for the output content of the migration tool ([#4375](https://github.com/wazuh/wazuh-qa/pull/4375)) \- (Tests)
+- Update framework known flaws file ([#4443](https://github.com/wazuh/wazuh-qa/pull/4443)) \- (Tests)
+
+## [4.7.0] - TBD
+
+Wazuh commit: TBD \
+Release report: TBD
+
+### Added
+
+- Add tests for new FIM audit buffer option. ([#4399](https://github.com/wazuh/wazuh-qa/pull/4399)) \- (Framework + tests)
+- Add callbacks and IT tests for Integratord options tag. ([#4108](https://github.com/wazuh/wazuh-qa/pull/4108)) \- (Framework + tests)
+
+### Changed
+
+- Add option to run some logcollector tests isolated (without a manager) [#4226](https://github.com/wazuh/wazuh-qa/pull/4226) \- (Tests + Framework)
+- Update code analysis and dependencies known flaws. [#3319](https://github.com/wazuh/wazuh-qa/pull/4083) \- (Tests)
+- Update _wazuh_db_ schema database version([#4405](https://github.com/wazuh/wazuh-qa/pull/4405)) \- (Tests)
+- Update framework known flaws file ([#4313](https://github.com/wazuh/wazuh-qa/pull/4313)) \- (Tests)
+
+### Fixed
+- Update `get_test_cases_data` function so it handles fim_mode parameter ([#4185](https://github.com/wazuh/wazuh-qa/pull/4185)) \- (Framework)
+- Fix warnings in the rids tests([#4151](https://github.com/wazuh/wazuh-qa/pull/4151)) \- (Framework + Tests)
+
+## [4.6.0] - TBD
+
+Wazuh commit: TBD \
+Release report: TBD
+
+### Added
+
+- Add Debian Bookworm VDT IT support. ([#4463](https://github.com/wazuh/wazuh-qa/pull/4463)) \- (Tests)
+- Add new test cases for the `discard_regex` functionality of `CloudWatchLogs` and `Inspector` services. ([#4278](https://github.com/wazuh/wazuh-qa/pull/4278)) \- (Tests)
 - Add Windows location wildcards tests ([#4263](https://github.com/wazuh/wazuh-qa/pull/4263)) \- (Tests + Framework)
 - New 'SCA' test suite and framework. ([#3566](https://github.com/wazuh/wazuh-qa/pull/3566)) \- (Framework + Tests)
 - Add integration tests for AWS module. ([#3911](https://github.com/wazuh/wazuh-qa/pull/3911)) \- (Framework + Tests + Documentation)
@@ -24,9 +65,13 @@ Release report: TBD
 - Add new module to support migration tool. ([#3837](https://github.com/wazuh/wazuh-qa/pull/3837))
 - Add IT tests FIM registry monitoring using wildcards. ([#4270](https://github.com/wazuh/wazuh-qa/pull/4270)) \- (Framework + Tests)
 - Update schema database version ([#4128](https://github.com/wazuh/wazuh-qa/pull/4128)) \- (Tests)
+- Update framework known flaws files ([#4380](https://github.com/wazuh/wazuh-qa/pull/4380)) \- (Tests)
 
 ### Changed
 
+- Skip `test_authd_ssl_options` cases that use TLS 1.1 causing errors on several OpenSSL versions. ([#4229](https://github.com/wazuh/wazuh-qa/pull/4229)) \- (Tests)
+- Update database version ([#4467](https://github.com/wazuh/wazuh-qa/pull/4467)) \- (Tests)
+- Remove versionStartIncluding from NVD custom feed ([#4441](https://github.com/wazuh/wazuh-qa/pull/4441)) \- (Tests)
 - Updated syscollector wmodules prefix ([#4384](https://github.com/wazuh/wazuh-qa/pull/4384)) \- (Framework)
 - Replace embedded python invocations with generic `python3`. ([#4186](https://github.com/wazuh/wazuh-qa/pull/4186)) - (Tests)
 - Fix FIM test_large_changes test suite ([#3948](https://github.com/wazuh/wazuh-qa/pull/3948)) \- (Tests)
@@ -48,27 +93,70 @@ Release report: TBD
 - Update cluster logs in reliability tests ([#2772](https://github.com/wazuh/wazuh-qa/pull/2772)) \- (Tests)
 - Use correct version format in agent_simulator tool ([#3198](https://github.com/wazuh/wazuh-qa/pull/3198)) \- (Tools)
 - Upgrade PyYAML to 6.0.1. ([#4326](https://github.com/wazuh/wazuh-qa/pull/4326)) \- (Framework)
+- Update schema database version ([#4128](https://github.com/wazuh/wazuh-qa/pull/4128)) \- (Tests)
+- Update framework known flaws files ([#4380](https://github.com/wazuh/wazuh-qa/pull/4380)) \- (Tests)
 
 ### Fixed
 
+- Fix FIM framework to validate path in event correctly ([#4390](https://github.com/wazuh/wazuh-qa/pull/4390)) \- (Framework)
+- Fix an error related to logs format in reliability test ([#4387](https://github.com/wazuh/wazuh-qa/pull/4387)) \- (Tests)
 - Fix boto3 version requirement for legacy OS ([#4150](https://github.com/wazuh/wazuh-qa/pull/4150)) \- (Framework)
 - Fix cases yaml of the analysisd windows registry IT ([#4149](https://github.com/wazuh/wazuh-qa/pull/4149)) \- (Tests)
 - Fix a bug in on Migration tool's library ([#4106](https://github.com/wazuh/wazuh-qa/pull/4106)) \- (Framework)
 - Fix imports and add windows support for test_report_changes_and_diff IT ([#3548](https://github.com/wazuh/wazuh-qa/issues/3548)) \- (Framework + Tests)
 - Fix a regex error in the FIM integration tests ([#3061](https://github.com/wazuh/wazuh-qa/issues/3061)) \- (Framework + Tests)
 - Fix an error in the cluster performance tests related to CSV parser ([#2999](https://github.com/wazuh/wazuh-qa/pull/2999)) \- (Framework + Tests)
 - Fix bug in the framework on migration tool ([#4027](https://github.com/wazuh/wazuh-qa/pull/4027)) \- (Framework)
+- Fix test cluster / integrity sync system test and configuration to avoid flaky behavior ([#4406](https://github.com/wazuh/wazuh-qa/pull/4406)) \- (Tests)
 
-## [4.5.1] - TBD
+## [4.5.3] - TBD
 
 Wazuh commit: TBD \
 Release report: TBD
 
-## [4.5.0] - TBD
+## [4.5.2] - TBD
 
 Wazuh commit: TBD \
 Release report: TBD
 
+### Changed
+
+- Update ITs URL for Debian OVAL ([#4491](https://github.com/wazuh/wazuh-qa/pull/4491)) \- (Tests)
+- Syscollector package inventory deltas fix ([#4483](https://github.com/wazuh/wazuh-qa/pull/4483)) \- (Tests)
+- Update schema sys_programs table ([#4451](https://github.com/wazuh/wazuh-qa/pull/4451)) \- (Tests)
+- Update enrollment logs in system test ([#4442](https://github.com/wazuh/wazuh-qa/pull/4442)) \- (Tests)
+- Fix one_manager_agent environment provisioning by packages for system tests ([#4438](https://github.com/wazuh/wazuh-qa/pull/4438)) \- (Framework)
+- Update framework known flaws files ([#4379](https://github.com/wazuh/wazuh-qa/pull/4379)) \- (Tests)
+
+### Fixed
+
+- Minor fixes in the `tests_python_flaws.py` scan ([#4439](https://github.com/wazuh/wazuh-qa/pull/4439)) \- (Tests)
+
+## [4.5.1] - 24-08-2023
+
+Wazuh commit: https://github.com/wazuh/wazuh/commit/731cdf39a430d2fb6fa02f3721624e07f887b02f
+Release report: https://github.com/wazuh/wazuh/issues/18475
+
+### Added
+
+- Add an integration test to check the wazuh-analysisd's decoder parser ([#4286](https://github.com/wazuh/wazuh-qa/pull/4286)) \- (Tests)
+
+### Changed
+
+- Update python integration test dependencies in the README ([#4427](https://github.com/wazuh/wazuh-qa/pull/4427)) \- (Documentation)
+- Update vulnerability detector IT outdated URLs ([#4428](https://github.com/wazuh/wazuh-qa/pull/4428)) \- (Tests)
+
+## [4.5.0] - 11-08-2023
+
+Wazuh commit: https://github.com/wazuh/wazuh/commit/f6aba151d08ef065dfc1bdc9b8885c3d4f618fca
+Release report: https://github.com/wazuh/wazuh/issues/18235
+
+### Changed
+
+- Delete `update_from_year` from system and E2E tests configuration ([#4372](https://github.com/wazuh/wazuh-qa/pull/4372)) \- (Tests)
+- Upgrade PyYAML to 6.0.1. ([#4326](https://github.com/wazuh/wazuh-qa/pull/4326)) \- (Framework)
+- Change Vulnerability Detector ITs to support the development of the NVD 2.0 refactor. ([#4327](https://github.com/wazuh/wazuh-qa/pull/4327)) \- (Tests)
+
 ## [4.4.5] - 10-07-2023
 
 Wazuh commit: https://github.com/wazuh/wazuh/commit/8d17d2c9c11bc10be9a31c83bc7c17dfbac0d2a0 \

deps/wazuh_testing/wazuh_testing/__init__.py

@@ -71,7 +71,11 @@
 ANALYSISD_STATE = os.path.join(WAZUH_PATH, 'var', 'run', 'wazuh-analysisd.state')
 
 # Timeouts
+
+T_025 = 0.25
+T_1 = 1
 T_2 = 2
+T_3 = 3
 T_5 = 5
 T_10 = 10
 T_20 = 20
@@ -111,6 +115,7 @@
 VALID_FIM_MODES = ['scheduled', 'realtime', 'whodata']
 OS_EXCLUDED_FROM_RT_WD = ['darwin', 'sunos5']
 
+
 def is_udp(protocol):
     return protocol.upper() == UDP
 

deps/wazuh_testing/wazuh_testing/cluster.py

@@ -26,7 +26,7 @@ def callback_detect_master_serving(line):
 
 
 def callback_detect_worker_connected(line):
-    match = re.match(r'.*Sucessfully connected to master', line)
+    match = re.match(r'.*Successfully connected to master', line)
     if match:
         return line
 

deps/wazuh_testing/wazuh_testing/db_interface/cve_db.py

@@ -212,7 +212,7 @@ def get_metadata_timestamp(provider_os):
     return result[0]
 
 
-def get_nvd_metadata_timestamp(year):
+def get_nvd_metadata_timestamp():
     """Get the NVD timestamp data for a specific year from nvd_metadata table.
 
     Args:
@@ -221,7 +221,7 @@ def get_nvd_metadata_timestamp(year):
     Returns:
         str: Timestamp data. (example: 2022-03-03T03:00:01-05:00)
     """
-    query_string = f"SELECT timestamp FROM nvd_metadata WHERE year={year}"
+    query_string = f"SELECT timestamp FROM nvd_metadata"
     result = get_sqlite_query_result(CVE_DB_PATH, query_string)
 
     if len(result) == 0:

deps/wazuh_testing/wazuh_testing/mocking/__init__.py

@@ -101,6 +101,15 @@
                'name': 'Ubuntu-xenial'},
     'TRUSTY': {'os_name': 'Ubuntu', 'os_major': '14', 'os_minor': '04', 'os_platform': 'ubuntu',
                'name': 'Ubuntu-trusty'},
+    'BOOKWORM': {'hostname': 'bookworm', 'architecture': 'x86_64', 'os_name': 'Debian GNU/Linux', 'os_version': '12',
+                 'os_codename': 'bookworm', 'os_major': '12', 'os_minor': '', 'os_patch': '', 'os_build': '',
+                 'os_platform': 'debian', 'sysname': 'Linux', 'release': '6.1.0-10-amd64', 'version': 'Wazuh v4.5.0',
+                 'os_release': '', 'checksum': '1692739317269125720', 'name': 'bookworm', 'ip': '127.0.0.1',
+                 'register_ip': '127.0.0.1', 'internal_key': '',
+                 'os_uname': 'Linux |bookworm |6.1.0-10-amd64 |#1 SMP Debian 6.1.38-1 (2023-07-14) |x86_64',
+                 'os_arch': 'x86_64', 'config_sum': '', 'merged_sum': '', 'manager_host': 'bookworm',
+                 'node_name': 'node01', 'date_add': '1645537986', 'last_keepalive': '253402300799',
+                 'sync_status': 'synced', 'connection_status': 'active'},
     'BULLSEYE': {'hostname': 'bullseye', 'architecture': 'x86_64', 'os_name': 'Debian GNU/Linux', 'os_version': '11',
                  'os_codename': 'bullseye', 'os_major': '11', 'os_minor': '', 'os_patch': '', 'os_build': '',
                  'os_platform': 'debian', 'sysname': 'Linux', 'release': '5.10.0-10-amd64', 'version': 'Wazuh v4.3.0',
@@ -132,7 +141,15 @@
                'os_uname': 'Linux |localhost|5.3.18-22-default |#1 SMP Wed Jun 3 12:16:43 UTC 2020 (720aeba)|x86_64',
                'os_arch': 'x64', 'config_sum': '', 'merged_sum': '', 'manager_host': 'localhost.localdomain',
                'node_name': 'node01', 'date_add': '1652381429', 'last_keepalive': '253402300799',
-               'sync_status': 'synced', 'connection_status': 'active'}
+               'sync_status': 'synced', 'connection_status': 'active'},
+    'AlmaLinux-8': {'hostname': 'localhost', 'architecture': 'x64', 'os_name': 'AlmaLinux', 'os_version': '8',
+                    'os_codename': '', 'os_major': '8', 'os_minor': '', 'os_patch': '', 'os_build': '',
+                    'os_platform': 'almalinux', 'sysname': 'Linux', 'release': '5.3.18-22-default',
+                    'version': 'Wazuh v4.4.0', 'os_release': '', 'checksum': '1652388661375945607',
+                    'name': 'ALMALINUX8', 'ip': '127.0.0.1', 'register_ip': 'any', 'internal_key': '',
+                    'os_arch': 'x64', 'config_sum': '', 'merged_sum': '', 'manager_host': 'localhost.localdomain',
+                    'node_name': 'node01', 'date_add': '1652381429', 'last_keepalive': '253402300799',
+                    'sync_status': 'synced', 'connection_status': 'active'}
 }
 
 

deps/wazuh_testing/wazuh_testing/modules/__init__.py

@@ -1,35 +1,35 @@
-'''
-copyright: Copyright (C) 2015-2023, Wazuh Inc.
-           Created by Wazuh, Inc. <info@wazuh.com>.
-           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-'''
-import pytest
-
-# Services Variables
-WAZUH_SERVICES_STOPPED = 'stopped'
-WAZUH_SERVICE_PREFIX = 'wazuh'
-WAZUH_SERVICES_STOP = 'stop'
-WAZUH_SERVICES_START = 'start'
-
-# Configurations
-DATA = 'data'
-WAZUH_LOG_MONITOR = 'wazuh_log_monitor'
-
-# Marks Executions
-
-TIER0 = pytest.mark.tier(level=0)
-TIER1 = pytest.mark.tier(level=1)
-TIER2 = pytest.mark.tier(level=2)
-
-WINDOWS = pytest.mark.win32
-LINUX = pytest.mark.linux
-MACOS = pytest.mark.darwin
-SOLARIS = pytest.mark.sunos5
-
-AGENT = pytest.mark.agent
-SERVER = pytest.mark.server
-
-# Local internal options
-WINDOWS_DEBUG = 'windows.debug'
-SYSCHECK_DEBUG = 'syscheck.debug'
-VERBOSE_DEBUG_OUTPUT = 2
+'''
+copyright: Copyright (C) 2015-2023, Wazuh Inc.
+           Created by Wazuh, Inc. <info@wazuh.com>.
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+'''
+import pytest
+
+# Services Variables
+WAZUH_SERVICES_STOPPED = 'stopped'
+WAZUH_SERVICE_PREFIX = 'wazuh'
+WAZUH_SERVICES_STOP = 'stop'
+WAZUH_SERVICES_START = 'start'
+
+# Configurations
+DATA = 'data'
+WAZUH_LOG_MONITOR = 'wazuh_log_monitor'
+
+# Marks Executions
+
+TIER0 = pytest.mark.tier(level=0)
+TIER1 = pytest.mark.tier(level=1)
+TIER2 = pytest.mark.tier(level=2)
+
+WINDOWS = pytest.mark.win32
+LINUX = pytest.mark.linux
+MACOS = pytest.mark.darwin
+SOLARIS = pytest.mark.sunos5
+
+AGENT = pytest.mark.agent
+SERVER = pytest.mark.server
+
+# Local internal options
+WINDOWS_DEBUG = 'windows.debug'
+SYSCHECK_DEBUG = 'syscheck.debug'
+VERBOSE_DEBUG_OUTPUT = 2

deps/wazuh_testing/wazuh_testing/modules/analysisd/event_monitor.py

@@ -67,8 +67,7 @@ def check_eps_disabled():
 
 def check_eps_missing_maximum():
     """Check if the eps block has the maximum tag"""
-    check_analysisd_event(callback=r".*WARNING: EPS limit disabled. "
-                                   "The maximum value is missing in the configuration block.*",
+    check_analysisd_event(callback=r".*WARNING: The EPS maximum value is missing in the configuration block.*",
                           timeout=T_10)
 
 

deps/wazuh_testing/wazuh_testing/modules/fim/__init__.py

@@ -175,7 +175,7 @@
 # Syscheck values
 DIFF_LIMIT_VALUE = 2
 DIFF_DEFAULT_LIMIT_VALUE = 51200
-
+AUDIT_QUEUE_SIZE_DEFAULT_VALUE = 16384
 
 # FIM modes
 SCHEDULED_MODE = 'scheduled'