Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QACTL review and fixes #1723

Closed
43 tasks done
jmv74211 opened this issue Aug 17, 2021 · 1 comment
Closed
43 tasks done

QACTL review and fixes #1723

jmv74211 opened this issue Aug 17, 2021 · 1 comment
Assignees
@jmv74211 @roronoasins @fernandolojano
Labels
Epic tool/qactl

Comments

@jmv74211
Copy link
Contributor

jmv74211 commented Aug 17, 2021
edited
Loading

The objective of this issue is to give a general review of the qactl tool for this first iteration, and to note any possible bugs or improvements needed to meet the main objectives of the tool.

Improvements

Fixes

Manual checks

  • Deployment:
    • SSH host key checking 🟢 (#C2)
    • Vagrant
      • Deploy 1 to n instances using Ubuntu 20.04 custom box 🟢
      • Deploy 1 to n instances using CentOS 8 custom box 🟢
    • Docker
      • Deploy 1 to n instances using Amazon Linux 2 custom image 🟡
      • Deploy 1 to n instances using Ubuntu 20.04 custom image 🟡
  • Provision:
    • Provision instance (#C4) Fixed 🟢
    • Provision n Ubuntu 20.04 instances 🟢
    • Provision n CentOS 8 instances 🟢 (#C3) Fixed
    • Provision wazuh via sources 🟢 (#C1) Fixed
    • Provision wazuh via local packages. 🟢
    • Provision qa_framework with custom branches 🟢 .
    • Provision local machine 🟢
@jmv74211 jmv74211 added the Epic label Aug 17, 2021
@jmv74211
Copy link
Contributor Author

jmv74211 commented Aug 18, 2021
edited
Loading

C1: Provision wazuh via sources

Error

TASK [Render the "preloaded-vars.conf" file] ***********************************
fatal: [172.16.1.60]: FAILED! => {"changed": false, "checksum": "961aba88b0af13a2bd3c5b7e6d2c475f36c116ba", "msg": "Destination directory /tmp/wazuh-v4.2.0-rc13/etc does not exist"}

Fix: da82a81

C2: SSH host key checking

Error

fatal: [172.16.1.70]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nIT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!\r\nSomeone could be eavesdropping on you right now (man-in-the-middle attack)!\r\nIt is also possible that a host key has just been changed.\r\n

The solution is to replace in the Ansible inventory the SSH option StrictHostKeyChecking=no by UserKnownHostsFile=/dev/null

C3: Provision CentOS 8 instance

Error

fatal: [172.16.1.70]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: vagrant@172.16.1.70: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).", "unreachable": true}

fatal: [172.16.1.70]: FAILED! => {"changed": false, "checksum": "8af5f9d1fec06422f33251e31541cb4226e4ec6d", "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"}

fatal error: Python.h: No such file or directory

Fixs applied to the box, redone and uploaded to S3

C4: Ansible SSH connection UNREACHABLE

Error

fatal: [172.16.1.70]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host 172.16.1.70 port 22: Connection timed out", "unreachable": true}

Fixed in 0a49d21

jmv74211 added a commit that referenced this issue Aug 18, 2021
@jmv74211
add: Disable sync folder and ssh keys in QACTL Vagrantfile #1723
70467e2
jmv74211 added a commit that referenced this issue Aug 18, 2021
@jmv74211
fix: Fix QACTL download of sources installation files #1723
da82a81
jmv74211 added a commit that referenced this issue Aug 19, 2021
@jmv74211
refac: Update how to install QACTL python dependencies #1723
aedc4e3
@jmv74211 jmv74211 mentioned this issue Aug 19, 2021
Closed
9 tasks
roronoasins pushed a commit that referenced this issue Aug 20, 2021
refac: Rename ansible tasks in QACTL run test module #1723
0eeed7b
@mdengra mdengra mentioned this issue Aug 20, 2021
Closed
7 tasks
roronoasins pushed a commit that referenced this issue Aug 20, 2021
add: Add health_check parameter to wazuh_deployment stage. #1723
80c27c7 
If True health-check will be performed, False otherwise. Default value: True.

Also wazuh_installation useless cfg key removed.
jmv74211 added a commit that referenced this issue Aug 23, 2021
@jmv74211
fix: Fix qactl ansible connection issue #1723
0a49d21
@roronoasins roronoasins mentioned this issue Aug 24, 2021
Merged
2 tasks
jmv74211 added a commit that referenced this issue Aug 24, 2021
@jmv74211
fix: Fix QACTL configuration template validation #1723
965a815
jmv74211 added a commit that referenced this issue Aug 24, 2021
@jmv74211
fix: Fix QACTL configuration template validation #1723
b212b2c
jmv74211 added a commit that referenced this issue Aug 24, 2021
@jmv74211
fix: Disable gpg key checking with installing yum packages #1723
7f83153
jmv74211 added a commit that referenced this issue Aug 24, 2021
@jmv74211
fix: Fix some pytest errors when the tests fail #1723
f808c1c
@fernandolojano fernandolojano mentioned this issue Aug 25, 2021
Closed
7 tasks
@fernandolojano fernandolojano mentioned this issue Aug 30, 2021
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jmv74211 jmv74211

@roronoasins roronoasins

@fernandolojano fernandolojano

Labels
Epic tool/qactl
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jmv74211 @roronoasins @fernandolojano