Migrate Wazuh Ansible QA custom roles

[Rebits]

Description

We have identified some issues with the current approach for deployment and provision. The approach currently relies on roles defined in the wazuh-qa repository (specific testing roles) and the wazuh-ansible repository (roles related to Wazuh).

There are several inconveniences with this approach that we need to address:

• It introduces dependencies on the wazuh-qa and wazuh-ansible repositories.
• The provisioning structure is complex and difficult to manage.
• Maintenance of the setup becomes challenging.
• Non-production branches in wazuh-ansible are being used.

To mitigate these disadvantages, we have decided to migrate all the roles to this repository. This migration will require implementing some changes:

• The Wazuh component should support provisioning multiple versions.
• Roles should be designed to be atomic, allowing for easy customization of the environment.

By addressing these concerns and making the necessary adjustments, we aim to simplify the provisioning process and enhance the overall efficiency of our deployment approach.

Tasks

Wazuh QA

• Migrate the Wazuh Components roles to the repository Migrate Wazuh Ansibles Roles #4642
  • Wazuh Agent
  • Wazuh manager
  • Wazuh Indexer
  • Wazuh Dashboard
  • Filebeat
  • AIO
• Make necessary changes to the Wazuh QA Environment class to deprecate Wazuh Ansible https://github.com/wazuh/wazuh-jenkins/pull/5838/files

[Rebits]

Development branches

Wazuh Jenkins	Wazuh QA
4581-migrate-ansible-roles	4581-migrate-ansible-roles

---

Migrated Wazuh roles from Wazuh Ansible to QA repository
It is currently being tested a PoC with the changes: https://ci.wazuh.info/job/Wazuh_QA_environment/381/console

[Rebits]

After migration it seems certificates are not being correctly generated:

10:39:42  Could not find or access '/home/ec2-user/workspace/Wazuh_QA_environment/383/wazuh-qa/provisioning/playbooks/indexer/certificates/wazuh-certificates/admin-key.pem' on the Ansible Controller.
10:39:42  If you are using a module and expect the file to exist on the remote, see the remote_src option
10:39:43  An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option
10:39:43  failed: [wi1] (item=admin.pem) => {
10:39:43      "ansible_loop_var": "item",
10:39:43      "changed": false,
10:39:43      "item": "admin.pem"
10:39:43  }
10:39:43  
10:39:43  MSG:

[Rebits]

We have successfully deployed the proposed environment.

Deployment Details: View Deployment Details

Currently, we are in the process of refining new roles and optimizing the Wazuh_QA_Environment pipeline.

[Rebits]

Minor fixes in Windows wazuh-agent provision

[Rebits]

In order to validate the developed solution, we need to ensure that the necessary infrastructure is available for testing. Once we confirm that the pipeline can provision the proposed environment, we can proceed to close the development phase. For more details, please refer to this comment

[Rebits]

During the development of the VD tests it has been detected that macOS endpoint was configured with invalid configuration. Configuration included invalid & in the configuration xml. In addition manager IP was not correctly set. Further research is required

[davidjiglesias]

LGTM!