feat(#2796): add conf E2E system tests automation

provisioning/environments/manager_agent.yaml

@@ -0,0 +1,27 @@
+wazuh-manager:
+  roles:
+    - manager
+
+wazuh-agent1:
+  roles:
+    - agent
+  manager: wazuh-manager
+  version: 4.1.5
+  revision: 1
+  repository: live
+
+wazuh-agent2:
+  roles:
+    - agent
+  manager: wazuh-manager
+  version: 4.2.2
+  revision: 1
+  repository: live
+
+wazuh-agent3:
+  manager: wazuh-manager
+  roles:
+    - agent
+  version: 4.2.5
+  revision: 1
+  repository: live

provisioning/playbooks/apache.yaml

@@ -0,0 +1,14 @@
+- hosts: apache
+  tasks:
+    - name: Install apache block
+      block:
+        - name: Install apache server in Linux systems
+          become: true
+          become_user: root
+          import_role:
+            name: ../roles/apache
+          when: ansible_os_family == "Debian" or ansible_os_family == "RedHat" or ansible_os_family == "Solaris"
+        - name: Install apache server in Windows and macOS hosts
+          import_role:
+            name: ../roles/apache
+          when: ansible_os_family == "Windows" or ansible_os_family == "Darwin"

provisioning/playbooks/qa_framework.yaml

@@ -0,0 +1,12 @@
+- hosts: qa_framework
+  roles:
+    - ../roles/qa_framework
+  vars:
+    qa_hosts:
+      - port: 1514
+        protocol: tcp
+        api_port: 55000
+        api_proto: http
+        api_user: ansible
+        max_retries: 5
+        retry_interval: 5

provisioning/playbooks/wazuh_environment.yaml

@@ -0,0 +1,71 @@
+# Certificates generation
+- hosts: wi1
+  roles:
+    - role: "{{ wazuh_ansible_roles }}/wazuh/wazuh-indexer"
+      indexer_network_host: "{{ private_ip }}"
+      perform_installation: false
+  become: true
+  vars:
+    indexer_node_master: true
+  tags:
+    - generate-certs
+
+# Wazuh indexer cluster
+- hosts: wi_cluster
+  roles:
+    - role: "{{ wazuh_ansible_roles }}/wazuh/wazuh-indexer"
+      indexer_network_host: "{{ private_ip }}"
+  become: true
+  become_user: root
+  vars:
+    indexer_node_master: true
+
+- hosts: manager
+  roles:
+    - role: "{{wazuh_ansible_roles }}/wazuh/ansible-wazuh-manager"
+  become: true
+  become_user: root
+
+- hosts: filebeat
+  roles:
+    - role: "{{wazuh_ansible_roles }}/wazuh/ansible-filebeat-oss"
+  become: true
+  become_user: root
+
+# Indexer + dashboard node
+- hosts: dashboard
+  roles:
+    - role: "{{wazuh_ansible_roles }}/wazuh/wazuh-indexer"
+    - role: "{{wazuh_ansible_roles }}/wazuh/wazuh-dashboard"
+  become: true
+  become_user: root
+  vars:
+    indexer_network_host: "{{ hostvars.dashboard.private_ip }}"
+    indexer_node_master: false
+    indexer_node_ingest: false
+    indexer_node_data: false
+    indexer_cluster_nodes: "{{ indexer_discovery_nodes }}"
+    ansible_shell_allow_world_readable_temp: true
+    wazuh_api_credentials:
+      - id: default
+        url: https://{{ hostvars.master.private_ip }}
+        port: 55000
+        username: wazuh
+        password: wazuh
+
+# Agent
+- hosts: agent
+  tasks:
+    - name: Agents
+      block:
+        - name: Install UNIX based agents
+          become: true
+          become_user: root
+          import_role:
+            name: "{{ wazuh_ansible_roles }}/wazuh/ansible-wazuh-agent"
+          when: ansible_os_family != "Windows"
+
+        - name: Install Windows based agents
+          import_role:
+            name: "{{ wazuh_ansible_roles }}/wazuh/ansible-wazuh-agent"
+          when: ansible_os_family == "Windows"

provisioning/roles.yaml

@@ -0,0 +1,77 @@
+qa_framework:
+  playbook: ./playbooks/qa_framework.yml
+  os: ANY
+  service: ANY
+  vars:
+    mandatory:
+      qa_repository_reference: QA_REFERENCE
+
+apache:
+  playbook: ./playbooks/apache.yml
+  os: LINUX_BASED_OS
+  service: ANY
+
+agent:
+  playbook: ./playbooks/wazuh_environment.yaml
+  os: ANY
+  service: ANY
+  vars:
+    mandatory:
+      version: VERSION
+      revision: REVISION
+      repository: REPOSITORY
+      manager: MANAGER_HOST
+
+manager:
+  playbook: ./playbooks/wazuh_environment.yaml
+  os: LINUX_BASED_OS
+  service: ANY
+  resources:
+    minimal:
+      cpu: 2
+      memory: 2048
+  vars:
+    mandatory:
+      version: VERSION
+      revision: REVISION
+      repository: REPOSITORY
+    default:
+      type: master
+
+indexer:
+  playbook: ./playbooks/wazuh_environment.yaml
+  os: LINUX_BASED_OS
+  service: ANY
+  resources:
+    minimal:
+      cpu: 4
+      memory: 4096
+  vars:
+    mandatory:
+      version: VERSION
+      revision: REVISION
+      repository: REPOSITORY
+
+dashboard:
+  playbook: ./playbooks/wazuh_environment.yaml
+  os: LINUX_BASED_OS
+  service: ANY
+  resources:
+    minimal:
+      cpu: 4
+      memory: 4096
+  vars:
+    mandatory:
+      version: VERSION
+      revision: REVISION
+      repository: REPOSITORY
+
+filebeat:
+  depends: manager
+  playbook: ./playbooks/wazuh_environment.yaml
+  service: ANY
+  os: LINUX_BASED_OS
+  resources:
+    minimal:
+      cpu: 2
+      memory: 2048

provisioning/roles/apache/schema.j2

@@ -0,0 +1,25 @@
+{% macro expand_ansible_connection_attributes(attributes_map) %}
+{% for attr_key, attr_value in attributes_map.items() %}
+{% if 'ansible' in attr_key %}
+{{- attr_key }}: {{ attr_value }}
+{% endif %}
+{% endfor %}
+{%- endmacro -%}
+
+{% if apache is defined%}
+apache:
+  hosts:
+  {%- for apache_key, apache_value in apache.items() %}
+
+    apache{{ loop.index }}:
+      ansible_host: {{ apache_value['ip'] }}
+      {{ expand_ansible_connection_attributes(apache_value) | indent(6) }}
+  {%- endfor %}
+{% endif %}
+
+
+all:
+  vars:
+    # General ansible connection parameters
+    ansible_ssh_common_args: -o StrictHostKeyChecking=no
+    ansible_winrm_server_cert_validation: ignore

provisioning/roles/apache/tasks/Linux.yaml

@@ -0,0 +1,14 @@
+- name: Install apache server
+  package:
+    name: "{{ program }}"
+    state: present
+
+- name: Start {{ service }} service
+  service:
+    name: "{{ service }}"
+    state: started
+
+- name: Check {{ service }} is running
+  command: systemctl status {{ service }}
+  register: service_status
+  failed_when: (service_status.stderr | length > 0) or ("active (running)" not in service_status.stdout )

provisioning/roles/apache/tasks/MacOS.yaml

@@ -0,0 +1,7 @@
+- name: Install {{ program }} with brew | MacOS
+  homebrew:
+    name: "{{ program }}"
+    update_homebrew: true
+
+- name: Start {{ program }} with brew | MacOS
+  shell: /usr/local/bin/brew services start {{ program }}

provisioning/roles/apache/tasks/Solaris.yaml

@@ -0,0 +1,19 @@
+- name: Install CSWpkgutil
+  become: true
+  shell: pkgadd -d http://get.opencsw.org/now -n
+
+- name: Fetch new catalog and descriptions
+  become: true
+  shell: /opt/csw/bin/pkgutil -U
+
+- name: Install apache2
+  become: true
+  shell: /opt/csw/bin/pkgutil -y -i apache2
+
+- name: List files
+  become: true
+  shell: /usr/sbin/pkgchk -L CSWapache2
+
+- name: Enable service
+  become: true
+  shell: svcadm -v enable /network/http:apache2

provisioning/roles/apache/tasks/Windows.yaml

@@ -0,0 +1,27 @@
+- name: Download the Apache binaries
+  win_get_url:
+    url: "{{ apache_zip_url }}"
+    dest: "{{ home_dir }}"
+    checksum: "{{apache_algorithm}}:{{apache_checksum}}"
+
+- name: Unzip Apache binaries zip
+  community.windows.win_unzip:
+    src: "{{ apache_zip_path }}"
+    dest: "{{ home_dir }}"
+    creates: "{{ apache_folder_path }}"
+
+- name: Replace Apache's ServerRoot location
+  community.windows.win_lineinfile:
+    path: "{{ apache_folder_path }}/conf/httpd.conf"
+    backrefs: true
+    regex: Define SRVROOT "c:/Apache24"
+    line: Define SRVROOT "c:/Users/qa/Apache24"
+
+- name: Verify httpd.conf
+  ansible.windows.win_shell: "{{ apache_bin_path }} -t"
+
+- name: Install Apache service
+  ansible.windows.win_shell: "{{ apache_bin_path }} -k install"
+
+- name: Start Apache service
+  ansible.windows.win_shell: "{{ apache_bin_path }} -k start"

provisioning/roles/apache/tasks/main.yaml

@@ -0,0 +1,49 @@
+# vars
+
+# Linux
+- name: Include Debian custom vars
+  include_vars: ../vars/Debian.yml
+  when: ansible_os_family == "Debian"
+
+- name: Include RedHat custom vars
+  include_vars: ../vars/RedHat.yml
+  when: ansible_os_family == "RedHat"
+
+# Windows
+- name: Include Windows custom vars
+  include_vars: ../vars/Windows.yml
+  when: ansible_os_family == "Windows"
+
+# Solaris
+- name: Include Solaris custom vars
+  include_vars: ../vars/Solaris.yml
+  when: ansible_os_family == "Solaris"
+
+# MacOS
+- name: Include MacOS custom vars
+  include_vars: ../vars/MacOS.yml
+  when: ansible_os_family == "Darwin"
+
+# Linux
+- name: Include Linux custom tasks
+  include_tasks: Linux.yml
+  when: ansible_os_family == "Debian" or ansible_os_family == "RedHat"
+
+# Windows
+- name: Include Windows custom tasks
+  include_tasks: Windows.yml
+  when: ansible_os_family == "Windows"
+
+# Solaris
+- name: Include Solaris custom tasks
+  include_tasks: Solaris.yml
+  when: ansible_os_family == "Solaris"
+  args:
+    apply:
+      environment:
+        PATH: "{{ environment_paths }}"
+
+# macOS
+- name: Include MacOS custom tasks
+  include_tasks: MacOS.yml
+  when: ansible_os_family == "Darwin"

provisioning/roles/apache/vars/Debian.yaml

@@ -0,0 +1,2 @@
+program: apache2
+service: apache2

provisioning/roles/apache/vars/MacOS.yaml

@@ -0,0 +1,3 @@
+program: httpd
+service: httpd
+home_dir: /Users/vagrant

provisioning/roles/apache/vars/RedHat.yaml

@@ -0,0 +1,2 @@
+program: httpd
+service: httpd

provisioning/roles/apache/vars/Solaris.yaml

@@ -0,0 +1,4 @@
+program: apache-24
+service: apache24
+home_dir: /export/home/vagrant
+environment_paths: /opt/python3/bin/:/usr/sbin:/usr/bin:/usr/sbin/:/opt/csw/gnu/:/usr/sfw/bin/:/opt/csw/bin/

provisioning/roles/apache/vars/Windows.yaml

@@ -0,0 +1,13 @@
+# https://archive.apache.org/dist/httpd/binaries/win32/?C=M;O=D openssl msi with its sha file
+# https://www.apachelounge.com/download/VS16/binaries binaries and checksums
+service: httpd
+apache_version: 2.4.54
+home_dir: C:\Users/qa
+# latest stable version
+apache_zip_url: https://www.apachelounge.com/download/VS16/binaries/httpd-2.4.54-win64-VS16.zip
+apache_algorithm: sha256
+apache_checksum: b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c
+apache_zip_file: httpd-{{apache_version}}-win64-VS16.zip
+apache_zip_path: "{{home_dir}}/{{apache_zip_file}}"
+apache_folder_path: "{{home_dir}}/Apache24"
+apache_bin_path: "{{apache_folder_path}}/bin/httpd.exe"

provisioning/roles/createInventory.yaml

@@ -0,0 +1,8 @@
+- name: Creating inventory using templates
+  hosts: localhost
+
+  tasks:
+    - name: Template a file
+      ansible.builtin.template:
+        src: "{{ source_template }}"
+        dest: "{{ dest_inventory}}"

provisioning/roles/qa_framework/defaults/main.yaml

@@ -0,0 +1,8 @@
+qa_repository_url: https://github.com/wazuh/wazuh-qa.git
+qa_repository_reference: master
+qa_requirements_file: requirements.txt
+test_setup_qa_path: deps/wazuh_testing
+setup_installer: setup.py
+build_dir: /tmp/wazuh-qa
+# This flag allows modifying any var
+customize: false