From 11f95024e40caa2e564a9dfb600fd65303d9d43b Mon Sep 17 00:00:00 2001 From: Luis Enrique Chico Capistrano Date: Tue, 16 Apr 2024 18:41:41 -0300 Subject: [PATCH 01/13] docs: Update rpm and deb package generation --- .../packaging/generate-deb-package.rst | 72 -------------- .../packaging/generate-deb-rpm-package.rst | 94 +++++++++++++++++++ .../packaging/generate-rpm-package.rst | 74 --------------- source/development/packaging/index.rst | 5 +- 4 files changed, 96 insertions(+), 149 deletions(-) delete mode 100644 source/development/packaging/generate-deb-package.rst create mode 100644 source/development/packaging/generate-deb-rpm-package.rst delete mode 100644 source/development/packaging/generate-rpm-package.rst diff --git a/source/development/packaging/generate-deb-package.rst b/source/development/packaging/generate-deb-package.rst deleted file mode 100644 index 8ce7e72719..0000000000 --- a/source/development/packaging/generate-deb-package.rst +++ /dev/null @@ -1,72 +0,0 @@ -.. Copyright (C) 2015, Wazuh, Inc. - -.. meta:: - :description: Wazuh provides an automated way of building DEB packages. Learn how to build your own Wazuh DEB packages in this section of our documentation. - -.. _create-deb: - -Debian -====== - -Wazuh provides an automated way of building DEB packages using docker so there is no need for any other dependency. - -To create an Debian package follow these steps: - -Requirements -^^^^^^^^^^^^ - - * Docker - * Git - -Download our wazuh-packages repository from GitHub and go to the debs directory. - -.. code-block:: console - - $ git clone https://github.com/wazuh/wazuh-packages && cd wazuh-packages/debs && git checkout v|WAZUH_CURRENT| - -Execute the ``generate_debian_package.sh`` script, with the different options you desire. This script will build a Docker image with all the necessary tools to create the DEB and run a container that will build it: - -.. code-block:: console - - # ./generate_debian_package.sh -h - -.. code-block:: none - :class: output - - Usage: ./generate_debian_package.sh [OPTIONS] - - -b, --branch [Required] Select Git branch. - --packages-branch [Required] Select Git branch or tag from wazuh-packages repository. - -t, --target [Required] Target package to build: manager or agent. - -a, --architecture [Optional] Target architecture of the package [amd64/i386/ppc64le/arm64/armhf]. - -j, --jobs [Optional] Change number of parallel jobs when compiling the manager or agent. By default: 2. - -r, --revision [Optional] Package revision. By default: 1. - -s, --store [Optional] Set the destination path of package. By default, an output folder will be created. - -p, --path [Optional] Installation path for the package. By default: /var/ossec. - -d, --debug [Optional] Build the binaries with debug symbols. By default: no. - -c, --checksum [Optional] Generate checksum on the desired path (by default, if no path is specified it will be generated on the same directory than the package). - --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. - --sources [Optional] Absolute path containing Wazuh source code. This option will use local source code instead of downloading it from GitHub. - --dev [Optional] Use the SPECS files stored in the host instead of downloading them from GitHub. - --future [Optional] Build test future package x.30.0 Used for development purposes. - -h, --help Show this help. - -Below, you will find some examples of how to build a DEB package. - -.. code-block:: console - - # ./generate_debian_package.sh -b v|WAZUH_CURRENT| --packages-branch v|WAZUH_CURRENT| -s /tmp -t manager -a amd64 -r my_rev. - -This will generate a |WAZUH_CURRENT| Wazuh manager package DEB with revision ``my_rev`` for ``amd64`` systems. - -.. code-block:: console - - # ./generate_debian_package.sh -b v|WAZUH_CURRENT| --packages-branch v|WAZUH_CURRENT| -s /tmp -t api -a i386 -r my_rev - -This will generate a |WAZUH_CURRENT| Wazuh api package DEB with revision ``my_rev`` for ``i386`` systems and store it in ``/tmp``. - -.. code-block:: console - - # ./generate_debian_package.sh -b v|WAZUH_CURRENT| --packages-branch v|WAZUH_CURRENT| -t agent -a amd64 -p /opt/ossec - -This will generate a |WAZUH_CURRENT| Wazuh agent DEB package with ``/opt/ossec`` as installation directory for ``amd64`` systems. diff --git a/source/development/packaging/generate-deb-rpm-package.rst b/source/development/packaging/generate-deb-rpm-package.rst new file mode 100644 index 0000000000..a8bb1a8677 --- /dev/null +++ b/source/development/packaging/generate-deb-rpm-package.rst @@ -0,0 +1,94 @@ +.. Copyright (C) 2015, Wazuh, Inc. + +.. meta:: + :description: Wazuh provides an automated way of building DEB or RPM packages. Learn how to build your own Wazuh DEB or RPM packages in this section of our documentation. + +.. _create-deb-rpm: + +Debian or RPM +============= + +Wazuh provides an automated way of building DEB or RPM packages using docker so there is no need for any other dependency. + +To create an Debian or RPM package follow these steps: + +Requirements +^^^^^^^^^^^^ + + * Docker + * Git + +Download our wazuh repository from GitHub and go to the debs directory. + +.. code-block:: console + + $ git clone https://github.com/wazuh/wazuh && cd wazuh/packages && git checkout v|WAZUH_CURRENT| + +Execute the ``generate_package.sh`` script, with the different options you desire. This script will build a Docker image with all the necessary tools to create the DEB or RPM and run a container that will build it: + +.. code-block:: console + + # ./generate_package.sh -h + +.. code-block:: none + :class: output + + Usage: ./generate_package.sh [OPTIONS] + + -b, --branch [Optional] Select Git branch []. + -t, --target [Required] Target package to build: manager or agent. + -a, --architecture [Optional] Target architecture of the package [amd64/i386/ppc64le/arm64/armhf]. + -j, --jobs [Optional] Change number of parallel jobs when compiling the manager or agent. By default: 2. + -r, --revision [Optional] Package revision. By default: 0. + -s, --store [Optional] Set the destination path of package. By default, an output folder will be created. + -p, --path [Optional] Installation path for the package. By default: /var/ossec. + -d, --debug [Optional] Build the binaries with debug symbols. By default: False. + -c, --checksum [Optional] Generate checksum on the same directory than the package. + -l, --legacy [Optional only for RPM] Build package for CentOS 5. + --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. + --tag [Optional] Tag to use with the docker image. + --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub. By default use the script path. + --is_stage [Optional] Use release name in package + --system [Optional] Select Package OS [rpm, deb]. By default is 'deb'. + --src [Optional] Generate the source package in the destination directory. + --future [Optional] Build test future package x.30.0 Used for development purposes. + -h, --help Show this help. + +Below, you will find some examples of how to build a DEB or RPM package. + + +.. tabs:: + + .. group-tab:: DEB + + .. code-block:: console + + # ./generate_package.sh -s /tmp -t manager -a amd64 -r my_rev --system deb + + This will generate a |WAZUH_CURRENT| Wazuh manager package DEB with revision ``my_rev`` for ``amd64`` systems. + + .. code-block:: console + + # ./generate_package.sh -t agent -a amd64 -p /opt/ossec --system deb + + This will generate a |WAZUH_CURRENT| Wazuh agent DEB package with ``/opt/ossec`` as installation directory for ``amd64`` systems. + + .. group-tab:: RPM + + .. note:: + Use the following architecture equivalences: + * amd64 -> x86_64 + * arm64 -> aarch64 + * armhf -> armv7hl + + .. code-block:: console + + # ./generate_package.sh -s /tmp -t manager -a amd64 -r my_rev --system rpm + + This will generate a |WAZUH_CURRENT| Wazuh manager RPM package with revision ``my_rev`` for ``x86_64`` systems. + + .. code-block:: console + + # ./generate_package.sh -t agent -a amd64 -p /opt/ossec --system rpm + + This will generate a |WAZUH_CURRENT| Wazuh agent RPM package with ``/opt/ossec`` as installation directory for ``x86_64`` systems. diff --git a/source/development/packaging/generate-rpm-package.rst b/source/development/packaging/generate-rpm-package.rst deleted file mode 100644 index 2608b374d1..0000000000 --- a/source/development/packaging/generate-rpm-package.rst +++ /dev/null @@ -1,74 +0,0 @@ -.. Copyright (C) 2015, Wazuh, Inc. - -.. meta:: - :description: Wazuh provides an automated way of building RPM packages. Learn how to build your own Wazuh RPM packages in this section of our documentation. - -.. _create-rpm: - -RPM -=== - -Wazuh provides an automated way of building RPM packages using docker so there is no need for any other dependency. - -To create an RPM package follow these steps: - -Requirements -^^^^^^^^^^^^ - - * Docker - * Git - -Download our wazuh-packages repository from GitHub and go to the rpms directory. - -.. code-block:: console - - $ git clone https://github.com/wazuh/wazuh-packages && cd wazuh-packages/rpms && git checkout v|WAZUH_CURRENT| - -Execute the ``generate_rpm_package.sh`` script, with the different options you desire. This script will build a Docker image with all the necessary tools to create the RPM and run a container that will build it: - -.. code-block:: console - - # ./generate_rpm_package.sh -h - -.. code-block:: none - :class: output - - Usage: ./generate_rpm_package.sh [OPTIONS] - - -b, --branch [Required] Select Git branch or tag. - --packages-branch [Required] Select Git branch or tag from wazuh-packages repository. - -t, --target [Required] Target package to build [manager/api/agent]. - -a, --architecture [Optional] Target architecture of the package [x86_64/i386/ppc64le/aarch64/armv7hl]. - -r, --revision [Optional] Package revision that append to version e.g. x.x.x-rev - -l, --legacy [Optional] Build package for CentOS 5. - -s, --store [Optional] Set the destination path of package. By default, an output folder will be created. - -j, --jobs [Optional] Number of parallel jobs when compiling. - -p, --path [Optional] Installation path for the package. By default: /var/ossec. - -d, --debug [Optional] Build the binaries with debug symbols and create debuginfo packages. By default: no. - -c, --checksum [Optional] Generate checksum on the desired path (by default, if no path is specified it will be generated on the same directory than the package). - --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. - --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub. - --dev [Optional] Use the SPECS files stored in the host instead of downloading them from GitHub. - --src [Optional] Generate the source package in the destination directory. - --future [Optional] Build test future package x.30.0 Used for development purposes. - -h, --help Show this help. - -Below, you will find some examples of how to build an RPM package. - -.. code-block:: console - - # ./generate_rpm_package.sh -b v|WAZUH_CURRENT| --packages-branch v|WAZUH_CURRENT| -s /tmp -t manager -a x86_64 -r my_rev. - -This will generate a |WAZUH_CURRENT| Wazuh manager RPM package with revision ``my_rev`` for ``x86_64`` systems. - -.. code-block:: console - - # ./generate_rpm_package.sh -b v|WAZUH_CURRENT| --packages-branch v|WAZUH_CURRENT| -s /tmp -t api -a i386 -r my_rev - -This will generate a |WAZUH_CURRENT| Wazuh api RPM package with revision ``my_rev`` for ``i386`` systems and store it in ``/tmp``. - -.. code-block:: console - - # ./generate_rpm_package.sh -b v|WAZUH_CURRENT| --packages-branch v|WAZUH_CURRENT| -t agent -a x86_64 -p /opt/ossec - -This will generate a |WAZUH_CURRENT| Wazuh agent RPM package with ``/opt/ossec`` as installation directory for ``x86_64`` systems. diff --git a/source/development/packaging/index.rst b/source/development/packaging/index.rst index 7c0afbdde8..27f4ad5ddd 100644 --- a/source/development/packaging/index.rst +++ b/source/development/packaging/index.rst @@ -2,7 +2,7 @@ .. meta:: :description: Learn more about how to generate your own Wazuh packages for different platforms, such as Debian, macOS, Windows, Splunk app, and others. - + .. -package-creation: Wazuh packages generation guide @@ -16,10 +16,9 @@ This section will show you how to generate your own Wazuh packages for different :maxdepth: 1 generate-aix-package - generate-deb-package + generate-deb-rpm-package generate-hpux-package generate-osx-package - generate-rpm-package generate-sol-package generate-ova generate-windows-package From be1315a4ba01a3ef65e1747e1ec6d74ea27951c0 Mon Sep 17 00:00:00 2001 From: Luis Enrique Chico Capistrano Date: Wed, 17 Apr 2024 09:51:53 -0300 Subject: [PATCH 02/13] docs: Update windows package generation --- .../packaging/generate-windows-package.rst | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/source/development/packaging/generate-windows-package.rst b/source/development/packaging/generate-windows-package.rst index 203137787b..a0c747e87a 100644 --- a/source/development/packaging/generate-windows-package.rst +++ b/source/development/packaging/generate-windows-package.rst @@ -27,11 +27,11 @@ To be able to generate the windows msi package, it is necessary to perform two s Compiling windows agent ^^^^^^^^^^^^^^^^^^^^^^^ -Download our wazuh-packages repository from GitHub and go to the ``windows`` directory. +Download our wazuh repository from GitHub and go to the ``windows`` directory. .. code-block:: console - $ git clone https://github.com/wazuh/wazuh-packages && cd wazuh-packages/windows && git checkout v|WAZUH_CURRENT_WINDOWS| + $ git clone https://github.com/wazuh/wazuh && cd wazuh/packages/windows && git checkout v|WAZUH_CURRENT_WINDOWS| Execute the ``generate_compiled_windows_agent.sh`` script, with the different options you desire. This script will build a Docker image with all the necessary tools to compile and obtain the Windows agent compiled in a zip file : @@ -45,20 +45,23 @@ image with all the necessary tools to compile and obtain the Windows agent compi Usage: ./generate_compiled_windows_agent.sh [OPTIONS] - -b, --branch [Required] Select Git branch. + -b, --branch [Optional] Select Git branch to compile Wazuh code. + --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub. By default: ../../src + -o, --output [Required] Name to the output package -j, --jobs [Optional] Change number of parallel jobs when compiling the Windows agent. By default: 4. - -r, --revision [Optional] Package revision. By default: 1. -s, --store [Optional] Set the directory where the package will be stored. By default the current path. - -d, --debug [Optional] Build the binaries with debug symbols. By default: no. + -d, --debug [Optional] Build the binaries with debug symbols. By default: false. -t, --trust_verification [Optional] Build the binaries with trust load images verification. By default: 1 (only warnings). -c, --ca_name [Optional] CA name to be used to verify the trust of the agent. By default: DigiCert Assured ID Root CA. + --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. + --tag [Optional] Tag to use with the docker image. -h, --help Show this help. Below, you will find an example of how to build a compiled Windows agent. .. code-block:: console - # ./generate_compiled_windows_agent.sh -b v|WAZUH_CURRENT_WINDOWS| -s /tmp -r myrevision + # ./generate_compiled_windows_agent.sh -s /tmp -r myrevision .. note:: The ``-s`` parameter needs an absolute path. In this path you will get the zip with the compiled agent From 8e592ca3e0837360b634f866c3e71cc9f992c9bc Mon Sep 17 00:00:00 2001 From: Luis Enrique Chico Capistrano Date: Wed, 17 Apr 2024 10:05:54 -0300 Subject: [PATCH 03/13] docs: Update wpk package generation --- .../packaging/generate-wpk-package.rst | 36 ++++++++++--------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/source/development/packaging/generate-wpk-package.rst b/source/development/packaging/generate-wpk-package.rst index ee9e5792ec..61b4dc2627 100644 --- a/source/development/packaging/generate-wpk-package.rst +++ b/source/development/packaging/generate-wpk-package.rst @@ -20,11 +20,11 @@ Requirements * Docker * Git -Download our wazuh-packages repository from GitHub and go to the wpk directory. +Download our wazuh repository from GitHub and go to the wpk directory. .. code-block:: console - $ git clone https://github.com/wazuh/wazuh-packages && cd wazuh-packages/wpk && git checkout v|WAZUH_CURRENT| + $ git clone https://github.com/wazuh/wazuh && cd wazuh/packages/wpk && git checkout v|WAZUH_CURRENT| Execute the ``generate_wpk_package.sh`` script, with the different options you desire. This script will build a Docker image with all the necessary tools to create the WPK and run a container that will build it: @@ -36,21 +36,25 @@ Execute the ``generate_wpk_package.sh`` script, with the different options you d :class: output Usage: ./generate_wpk_package.sh [OPTIONS] + It is required to use -k or --aws-wpk-key, --aws-wpk-cert parameters + + -t, --target-system [Required] Select target wpk to build [linux/windows/macos] + -b, --branch [Required] Select Git branch or tag e.g. + -d, --destination [Required] Set the destination path of package. + -pn, --package-name [Required for windows and macos] Package name to pack on wpk. + -o, --output [Required] Name to the output package. + -k, --key-dir [Optional] Set the WPK key path to sign package. + --aws-wpk-key [Optional] AWS Secrets manager Name/ARN to get WPK private key. + --aws-wpk-cert [Optional] AWS secrets manager Name/ARN to get WPK certificate. + --aws-wpk-key-region [Optional] AWS Region where secrets are stored. + -a, --architecture [Optional] Target architecture of the package [x86_64]. + -j, --jobs [Optional] Number of parallel jobs when compiling. + -p, --path [Optional] Installation path for the package. By default: /var/ossec. + -c, --checksum [Optional] Generate checksum on destination folder. By default: no + --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. By default: yes + --tag [Optional] Tag to use with the docker image. + -h, --help Show this help. - -t, --target-system [Required] Select target wpk to build [linux/windows/macos]. - -b, --branch [Required] Select Git branch or tag e.g. - -d, --destination [Required] Set the destination path of package. - -pn, --package-name [Required for windows and macos] Package name to pack on wpk. - -o, --output [Required] Name to the output package. - -k, --key-dir [Required] Set the WPK key path to sign package. - --aws-wpk-key [Optional] AWS Secrets manager Name/ARN to get WPK private key. - --aws-wpk-cert [Optional] AWS secrets manager Name/ARN to get WPK certificate. - --aws-wpk-key-region [Optional] AWS Region where secrets are stored. - -a, --architecture [Optional] Target architecture of the package [x86_64]. - -j, --jobs [Optional] Number of parallel jobs when compiling. - -p, --path [Optional] Installation path for the package. By default: /var. - -c, --checksum [Optional] Generate checksum. - -h, --help Show this help. To use this tool, the previously required :ref:`certificate ` and the key must be in the same directory. From 492240568556a1168f23486cce4ea74acd5fd5f5 Mon Sep 17 00:00:00 2001 From: Luis Enrique Chico Capistrano Date: Wed, 17 Apr 2024 10:55:36 -0300 Subject: [PATCH 04/13] docs: Update macos package generation --- .../packaging/generate-osx-package.rst | 20 +++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/source/development/packaging/generate-osx-package.rst b/source/development/packaging/generate-osx-package.rst index 834ed63d26..4df227cb18 100644 --- a/source/development/packaging/generate-osx-package.rst +++ b/source/development/packaging/generate-osx-package.rst @@ -25,7 +25,7 @@ Download our wazuh-packages repository from GitHub and go to the macos directory .. code-block:: console - $ git clone https://github.com/wazuh/wazuh-packages && cd wazuh-packages/macos && git checkout v|WAZUH_CURRENT_OSX| + $ git clone https://github.com/wazuh/wazuh && cd wazuh/packages/macos && git checkout v|WAZUH_CURRENT_OSX| Execute the ``generate_wazuh_packages.sh`` script, with the different options you desire. @@ -39,12 +39,14 @@ Execute the ``generate_wazuh_packages.sh`` script, with the different options yo Usage: ./generate_wazuh_packages.sh [OPTIONS] Build options: - -a, --architecture [Optional] Select architecture to build (intel64 or arm64). Default: intel64 - -b, --branch [Required] Select Git branch or tag. + -a, --architecture [Optional] Target architecture of the package [intel64/arm64]. By Default: intel64. + -b, --branch [Optional] Select Git branch []. -s, --store-path [Optional] Set the destination absolute path of package. -j, --jobs [Optional] Number of parallel jobs when compiling. -r, --revision [Optional] Package revision that append to version e.g. x.x.x-rev + -d, --debug [Optional] Build the binaries with debug symbols. By default: no. -c, --checksum [Optional] Generate checksum on the desired path (by default, if no path is specified it will be generated on the same directory than the package). + --is_stage [Optional] Use release name in package -h, --help [ Util ] Show this help. -i, --install-deps [ Util ] Install build dependencies (Packages). -x, --install-xcode [ Util ] Install X-Code and brew. Can't be executed as root. @@ -55,8 +57,10 @@ Execute the ``generate_wazuh_packages.sh`` script, with the different options yo --keychain-password [Optional] Password of the keychain. --application-certificate [Optional] Apple Developer ID certificate name to sign Apps and binaries. --installer-certificate [Optional] Apple Developer ID certificate name to sign pkg. - --notarize [Optional] Notarize the package for its distribution on macOS Catalina . + --notarize [Optional] Notarize the package for its distribution on macOS. + --notarize-path [Optional] Path of the package to be notarized. --developer-id [Optional] Your Apple Developer ID. + --team-id [Optional] Your Apple Team ID. --altool-password [Optional] Temporary password to use altool from Xcode. @@ -64,19 +68,19 @@ Below, you will find some examples of how to build macOS packages. .. code-block:: console - # ./generate_wazuh_packages.sh -b v|WAZUH_CURRENT_OSX| -s /tmp + # ./generate_wazuh_packages.sh -s /tmp This will build a |WAZUH_CURRENT_OSX| Wazuh agent macOS package and store it in ``/tmp``. .. code-block:: console - # ./generate_wazuh_packages.sh -b v|WAZUH_CURRENT_OSX| -s /tmp -j 6 + # ./generate_wazuh_packages.sh -s /tmp -j 6 This will also build a |WAZUH_CURRENT_OSX| Wazuh agent macOS package and store it in ``/tmp`` but will use 6 jobs to compile the sources. .. code-block:: console - # ./generate_wazuh_packages.sh -b v|WAZUH_CURRENT_OSX| -s /tmp -j 6 -c + # ./generate_wazuh_packages.sh -s /tmp -j 6 -c In addition to the previous settings this will generate a ``.sha512`` file containing the checksum of the package. @@ -94,7 +98,7 @@ Once you have set up the environment, you can build and notarize the package as .. code-block:: console - $ sudo ./generate_wazuh_packages.sh -b v|WAZUH_CURRENT_OSX| -j 4 -r 1 --notarize \ + $ sudo ./generate_wazuh_packages.sh -j 4 -r 1 --notarize \ --keychain "/Users/your-user/Library/Keychains/login.keychain-db" \ --application-certificate "Your Developer ID Application" \ --installer-certificate "Your Developer ID Installer" \ From 4ffdfa3d10807b1b49059093d12fc318cb786a25 Mon Sep 17 00:00:00 2001 From: Manuel Date: Thu, 16 May 2024 13:22:08 +0200 Subject: [PATCH 05/13] Update: changed Usage messages --- .../packaging/generate-deb-rpm-package.rst | 10 +++--- .../packaging/generate-windows-package.rst | 6 ++-- .../packaging/generate-wpk-package.rst | 31 +++++++++---------- 3 files changed, 22 insertions(+), 25 deletions(-) diff --git a/source/development/packaging/generate-deb-rpm-package.rst b/source/development/packaging/generate-deb-rpm-package.rst index a8bb1a8677..cfa88ceadf 100644 --- a/source/development/packaging/generate-deb-rpm-package.rst +++ b/source/development/packaging/generate-deb-rpm-package.rst @@ -33,22 +33,22 @@ Execute the ``generate_package.sh`` script, with the different options you desir .. code-block:: none :class: output - Usage: ./generate_package.sh [OPTIONS] + Usage: packages/generate_package.sh [OPTIONS] - -b, --branch [Optional] Select Git branch []. + -b, --branch [Optional] Select Git branch. -t, --target [Required] Target package to build: manager or agent. -a, --architecture [Optional] Target architecture of the package [amd64/i386/ppc64le/arm64/armhf]. -j, --jobs [Optional] Change number of parallel jobs when compiling the manager or agent. By default: 2. -r, --revision [Optional] Package revision. By default: 0. -s, --store [Optional] Set the destination path of package. By default, an output folder will be created. -p, --path [Optional] Installation path for the package. By default: /var/ossec. - -d, --debug [Optional] Build the binaries with debug symbols. By default: False. - -c, --checksum [Optional] Generate checksum on the same directory than the package. + -d, --debug [Optional] Build the binaries with debug symbols. By default: no. + -c, --checksum [Optional] Generate checksum on the same directory than the package. By default: no. -l, --legacy [Optional only for RPM] Build package for CentOS 5. --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. --tag [Optional] Tag to use with the docker image. --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub. By default use the script path. - --is_stage [Optional] Use release name in package + --is_stage [Optional] Use release name in package. --system [Optional] Select Package OS [rpm, deb]. By default is 'deb'. --src [Optional] Generate the source package in the destination directory. --future [Optional] Build test future package x.30.0 Used for development purposes. diff --git a/source/development/packaging/generate-windows-package.rst b/source/development/packaging/generate-windows-package.rst index a0c747e87a..1f5c675cb2 100644 --- a/source/development/packaging/generate-windows-package.rst +++ b/source/development/packaging/generate-windows-package.rst @@ -46,11 +46,11 @@ image with all the necessary tools to compile and obtain the Windows agent compi Usage: ./generate_compiled_windows_agent.sh [OPTIONS] -b, --branch [Optional] Select Git branch to compile Wazuh code. - --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub. By default: ../../src - -o, --output [Required] Name to the output package + --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub. By default: '../../src'. + -o, --output [Required] Name to the output package. -j, --jobs [Optional] Change number of parallel jobs when compiling the Windows agent. By default: 4. -s, --store [Optional] Set the directory where the package will be stored. By default the current path. - -d, --debug [Optional] Build the binaries with debug symbols. By default: false. + -d, --debug [Optional] Build the binaries with debug symbols. By default: no. -t, --trust_verification [Optional] Build the binaries with trust load images verification. By default: 1 (only warnings). -c, --ca_name [Optional] CA name to be used to verify the trust of the agent. By default: DigiCert Assured ID Root CA. --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. diff --git a/source/development/packaging/generate-wpk-package.rst b/source/development/packaging/generate-wpk-package.rst index 61b4dc2627..62d7065bd4 100644 --- a/source/development/packaging/generate-wpk-package.rst +++ b/source/development/packaging/generate-wpk-package.rst @@ -35,25 +35,22 @@ Execute the ``generate_wpk_package.sh`` script, with the different options you d .. code-block:: none :class: output - Usage: ./generate_wpk_package.sh [OPTIONS] + Usage: packages/wpk/generate_wpk_package.sh [OPTIONS] It is required to use -k or --aws-wpk-key, --aws-wpk-cert parameters - -t, --target-system [Required] Select target wpk to build [linux/windows/macos] - -b, --branch [Required] Select Git branch or tag e.g. - -d, --destination [Required] Set the destination path of package. - -pn, --package-name [Required for windows and macos] Package name to pack on wpk. - -o, --output [Required] Name to the output package. - -k, --key-dir [Optional] Set the WPK key path to sign package. - --aws-wpk-key [Optional] AWS Secrets manager Name/ARN to get WPK private key. - --aws-wpk-cert [Optional] AWS secrets manager Name/ARN to get WPK certificate. - --aws-wpk-key-region [Optional] AWS Region where secrets are stored. - -a, --architecture [Optional] Target architecture of the package [x86_64]. - -j, --jobs [Optional] Number of parallel jobs when compiling. - -p, --path [Optional] Installation path for the package. By default: /var/ossec. - -c, --checksum [Optional] Generate checksum on destination folder. By default: no - --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. By default: yes - --tag [Optional] Tag to use with the docker image. - -h, --help Show this help. + -t, --target-system [Required] Select target wpk to build [linux/windows/macos]. + -b, --branch [Required] Select Git branch. + -d, --destination [Required] Set the destination path of package. + -pn, --package-name [Required] Path to package file (rpm, deb, apk, msi, pkg) to pack in wpk. + -o, --output [Required] Name to the output package. + -k, --key-dir [Optional] Set the WPK key path to sign package. + --aws-wpk-key [Optional] AWS Secrets manager Name/ARN to get WPK private key. + --aws-wpk-cert [Optional] AWS secrets manager Name/ARN to get WPK certificate. + --aws-wpk-key-region [Optional] AWS Region where secrets are stored. + -c, --checksum [Optional] Generate checksum on destination folder. By default: no. + --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. By default: yes. + --tag [Optional] Tag to use with the docker image. + -h, --help Show this help. To use this tool, the previously required :ref:`certificate ` and the key must be in the same directory. From 33c68386b7b54c7583f26228fc281be4690c654f Mon Sep 17 00:00:00 2001 From: jr0me Date: Thu, 16 May 2024 13:32:00 -0300 Subject: [PATCH 06/13] Update documentation for generating WPK packages according to the latest changes in the generation script --- .../packaging/generate-wpk-package.rst | 25 +++++++++++++++---- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/source/development/packaging/generate-wpk-package.rst b/source/development/packaging/generate-wpk-package.rst index 62d7065bd4..813e43bf02 100644 --- a/source/development/packaging/generate-wpk-package.rst +++ b/source/development/packaging/generate-wpk-package.rst @@ -58,14 +58,24 @@ To use this tool, the previously required :ref:`certificate ` an Linux WPK ^^^^^^^^^ +To build a WPK for Linux, you need to first download a package of the desired version. + +The following example demonstrates the process for Debian ``amd64``, but you can follow similar steps for RPM-based distributions and other supported architectures: + +.. code-block:: console + + # curl -O |DEB_AGENT_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb + Below, you will find an example of Linux WPK package building. .. code-block:: console - # ./generate_wpk_package.sh -t linux -b v|WAZUH_CURRENT| -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk + # ./generate_wpk_package.sh -t linux -b v|WAZUH_CURRENT| -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -pn /tmp/wazuh-agent_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb This script builds a Wazuh |WAZUH_CURRENT| Linux WPK package named LinuxAgent.wpk and stores it in ``/tmp/wpk``. This action is done using the previously generated keys that are saved in ``/tmp/keys``. +If the ``-c`` or ``--checksum`` option is used, a file is created containing the SHA512 checksum in the same output path. This location is configurable and you can indicate where you want to store it. + Windows WPK ^^^^^^^^^^^ @@ -90,22 +100,27 @@ macOS WPK To build a WPK for macOS you need to first download a PKG package of the desired version: +The following example demonstrates the process for a ``intel64`` Architecture, but you can follow similar steps for ``arm64``: + .. code-block:: console - # curl -O https://packages.wazuh.com/|WAZUH_CURRENT_MAJOR_OSX|/macos/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg + # curl -O https://packages.wazuh.com/|WAZUH_CURRENT_MAJOR_OSX|/macos/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.intel64.pkg Below, you will find an example of macOS WPK package building. .. code-block:: console - # ./generate_wpk_package.sh -t macos -b v|WAZUH_CURRENT_OSX| -d /tmp/wpk -k /tmp/keys -o macOSAgent.wpk -pn /tmp/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg + # ./generate_wpk_package.sh -t macos -b v|WAZUH_CURRENT_OSX| -d /tmp/wpk -k /tmp/keys -o macOSAgent.wpk -pn /tmp/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.intel64.pkg This script builds a Wazuh |WAZUH_CURRENT_OSX| macOS WPK package named macOSAgent.wpk and stores it in ``/tmp/wpk``. This action is done using the previously generated keys that are saved in ``/tmp/keys``. If the ``-c`` or ``--checksum`` option is used, a file is created containing the SHA512 checksum in the same output path. This location is configurable and you can indicate where you want to store it. -Here you can see an example of how to build a WPK generation with checksum: +Using checksums +^^^^^^^^^^^^^^^ + +Here you can see an example of how to build a WPK with checksum: .. code-block:: console - # ./generate_wpk_package.sh -t linux -b v|WAZUH_CURRENT| -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -c /tmp/wpk_checksum + # ./generate_wpk_package.sh -t linux -b v|WAZUH_CURRENT| -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -pn /tmp/wazuh-agent_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb -c /tmp/wpk_checksum From cdb764707c2c000985cc3a08bb427d2905956c0f Mon Sep 17 00:00:00 2001 From: jr0me Date: Thu, 16 May 2024 13:36:14 -0300 Subject: [PATCH 07/13] Remove trailing whitespace --- .../generate-wpk-package-manually.rst | 58 +++++++++---------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst b/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst index 2571de4ac1..86cd06397f 100644 --- a/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst +++ b/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst @@ -20,13 +20,13 @@ Requirements * The Python ``cryptography`` package. This may be obtained using the following command: .. code-block:: console - + $ pip install cryptography Linux WPK ^^^^^^^^^ -#. Install the development tools and compilers. In Linux, this can easily be done using your distribution package manager. +#. Install the development tools and compilers. In Linux, this can easily be done using your distribution package manager. .. tabs:: @@ -43,33 +43,33 @@ Linux WPK # apt-get install make gcc libc6-dev curl policycoreutils automake autoconf libtool unzip -#. Download and extract the latest version. +#. Download and extract the latest version. .. code-block:: console - + # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx #. Modify the ``wazuh-|WAZUH_CURRENT|/etc/preloaded-vars.conf`` file that was downloaded to deploy an :ref:`unattended update ` in the agent by uncommenting the following lines: .. code-block:: pkgconfig - + USER_LANGUAGE="en" USER_NO_STOP="y" USER_UPDATE="y" USER_BINARYINSTALL="y" -#. Compile the project from the ``src`` folder. +#. Compile the project from the ``src`` folder. .. code-block:: console - + # cd wazuh-|WAZUH_CURRENT|/src # make deps TARGET=agent # make TARGET=agent -#. Delete the files that are no longer needed. This step can be skipped, but the size of the WPK will be considerably larger. +#. Delete the files that are no longer needed. This step can be skipped, but the size of the WPK will be considerably larger. .. code-block:: console - + $ rm -rf ./{api,framework} $ rm -rf gen_ossec.sh add_localfiles.sh $ rm -rf src/{addagent,analysisd,client-agent,config,error_messages,external/*,headers,logcollector,monitord,os_auth,os_crypto,os_csyslogd,os_dbd,os_execd} @@ -82,14 +82,14 @@ Linux WPK #. Install the root CA if you want to overwrite the root CA with the file you created previously. .. code-block:: console - + # cd ../ # cp path/to/wpk_root.pem etc/wpk_root.pem -#. Compile the WPK package using your SSL certificate and key. +#. Compile the WPK package using your SSL certificate and key. .. code-block:: console - + # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key * In this example, the Wazuh project's root directory contains the proper ``upgrade.sh`` file. @@ -104,7 +104,7 @@ Definitions: Windows WPK ^^^^^^^^^^^ -#. Install the development tools and compilers. In Linux, this can easily be done using your distribution package manager. +#. Install the development tools and compilers. In Linux, this can easily be done using your distribution package manager. .. tabs:: @@ -121,31 +121,31 @@ Windows WPK # apt-get install make gcc libc6-dev curl policycoreutils automake autoconf libtool unzip -#. Download and extract the latest version of Wazuh sources. +#. Download and extract the latest version of Wazuh sources. .. code-block:: console - + # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx -#. Download the latest version of the Wazuh MSI package. +#. Download the latest version of the Wazuh MSI package. .. code-block:: console - + # curl -Ls https://packages.wazuh.com/|WAZUH_CURRENT_MAJOR_WINDOWS|/windows/wazuh-agent-|WAZUH_CURRENT_WINDOWS|-|WAZUH_REVISION_WINDOWS|.msi --output wazuh-agent-|WAZUH_CURRENT_WINDOWS|-|WAZUH_REVISION_WINDOWS|.msi - -#. Install the root CA if you want to overwrite the root CA with the file you created previously. + +#. Install the root CA if you want to overwrite the root CA with the file you created previously. .. code-block:: console - + # cd ../ # cp path/to/wpk_root.pem etc/wpk_root.pem -#. Compile the WPK package using the MSI package and, your SSL certificate and key. +#. Compile the WPK package using the MSI package and, your SSL certificate and key. .. code-block:: console - + # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key path/to/wazuhagent.msi path/to/upgrade.bat path/to/do_upgrade.ps1 - + Definitions: - ``output/myagent.wpk`` is the name of the output WPK package. - ``path/to/wpkcert.pem`` is the path to the SSL certificate. @@ -178,32 +178,32 @@ macOS WPK #. Download and extract the latest version of Wazuh sources. .. code-block:: console - + # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx # cd wazuh-|WAZUH_CURRENT| #. Download the latest version of the Wazuh PKG package. .. code-block:: console - + # curl -Ls https://packages.wazuh.com/|WAZUH_CURRENT_MAJOR_OSX|/macos/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg --output wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg - + #. Install the root CA if you want to overwrite the root CA with the file you created previously. .. code-block:: console - + # cp path/to/wpk_root.pem etc/wpk_root.pem #. Copy the necessary script to the Wazuh sources folder to compile the WPK. .. code-block:: console - + # cp src/init/pkg_installer_mac.sh . #. Compile the WPK package using the PKG package and, your SSL certificate and key. .. code-block:: console - + # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg upgrade.sh pkg_installer_mac.sh From 29c649eb80e3fb8fd1913073cd03d171bcafa45c Mon Sep 17 00:00:00 2001 From: jr0me Date: Thu, 16 May 2024 14:49:44 -0300 Subject: [PATCH 08/13] Update documentation to generate wpks manually --- .../generate-wpk-package-manually.rst | 53 +++++++------------ 1 file changed, 18 insertions(+), 35 deletions(-) diff --git a/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst b/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst index 86cd06397f..3ce43a6469 100644 --- a/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst +++ b/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst @@ -5,9 +5,9 @@ Generate WPK packages manually ============================== -WPK packages will generally contain the complete agent code, however, this is not required. +WPK packages will generally contain a package (a DEB, RPM, MSI, or PKG file) with which to perform the upgrade; however, this is not required. -A WPK package must contain an installation program in binary form or a script in any language supported by the agent (Bash, Python, etc). Linux WPK packages must contain a Bash script named ``upgrade.sh`` for UNIX or ``upgrade.bat`` for Windows. This program must: +A WPK package must contain an installation program in binary form or a script in any language supported by the agent (Bash, Python, etc). WPK packages must contain a Bash script named ``upgrade.sh`` for UNIX or ``upgrade.bat`` for Windows. This program must: * Fork itself, as the parent, will return 0 immediately. * Restart the agent. @@ -48,57 +48,40 @@ Linux WPK .. code-block:: console # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx + # cd wazuh-|WAZUH_CURRENT| -#. Modify the ``wazuh-|WAZUH_CURRENT|/etc/preloaded-vars.conf`` file that was downloaded to deploy an :ref:`unattended update ` in the agent by uncommenting the following lines: - - .. code-block:: pkgconfig - - USER_LANGUAGE="en" - USER_NO_STOP="y" - USER_UPDATE="y" - USER_BINARYINSTALL="y" - -#. Compile the project from the ``src`` folder. +#. Download the latest version of the Wazuh DEB or RPM package (i.e., for Debian): .. code-block:: console - # cd wazuh-|WAZUH_CURRENT|/src - # make deps TARGET=agent - # make TARGET=agent + # curl -Ls |DEB_AGENT_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb --output wazuh-agent-|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb -#. Delete the files that are no longer needed. This step can be skipped, but the size of the WPK will be considerably larger. +#. Install the root CA if you want to overwrite the root CA with the file you created previously. .. code-block:: console - $ rm -rf ./{api,framework} - $ rm -rf gen_ossec.sh add_localfiles.sh - $ rm -rf src/{addagent,analysisd,client-agent,config,error_messages,external/*,headers,logcollector,monitord,os_auth,os_crypto,os_csyslogd,os_dbd,os_execd} - $ rm -rf src/{os_integrator,os_maild,os_net,os_regex,os_xml,os_zlib,remoted,reportd,shared,syscheckd,unit_tests,wazuh_db} - $ rm -rf src/win32 - $ rm -rf src/*.a - $ find etc/templates/config -not -name "sca.files" -delete 2>/dev/null - $ find etc/templates/* -maxdepth 0 -not -name "en" -not -name "config" | xargs rm -rf + # cp path/to/wpk_root.pem etc/wpk_root.pem -#. Install the root CA if you want to overwrite the root CA with the file you created previously. +#. Copy the necessary script to the Wazuh sources folder to compile the WPK. .. code-block:: console - # cd ../ - # cp path/to/wpk_root.pem etc/wpk_root.pem + # cp src/init/pkg_installer.sh . -#. Compile the WPK package using your SSL certificate and key. +#. Compile the WPK package using the PKG package and, your SSL certificate and key. .. code-block:: console - # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key * + # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key wazuh-agent-|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb upgrade.sh pkg_installer.sh -In this example, the Wazuh project's root directory contains the proper ``upgrade.sh`` file. Definitions: - ``output/myagent.wpk`` is the name of the output WPK package. - ``path/to/wpkcert.pem`` is the path to the SSL certificate. - ``path/to/wpkcert.key`` is the path to the SSL certificate's key. - - ``\*`` is the file or files to be included in the WPK package. In this case, all the contents are added. + - ``wazuh-agent_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb`` is the PKG file downloaded in step 3. + - ``upgrade.sh`` is the script that run first when the WPK is deployed in the target agent. Find an example at the base directory in the Wazuh repository. + - ``pkg_installer.sh`` is the script that manages the WPK upgrade procedure. Find an example in ``src/init`` in the Wazuh repository. Windows WPK @@ -126,6 +109,7 @@ Windows WPK .. code-block:: console # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx + # cd wazuh-|WAZUH_CURRENT| #. Download the latest version of the Wazuh MSI package. @@ -137,7 +121,6 @@ Windows WPK .. code-block:: console - # cd ../ # cp path/to/wpk_root.pem etc/wpk_root.pem #. Compile the WPK package using the MSI package and, your SSL certificate and key. @@ -198,13 +181,13 @@ macOS WPK .. code-block:: console - # cp src/init/pkg_installer_mac.sh . + # cp src/init/pkg_installer.sh . #. Compile the WPK package using the PKG package and, your SSL certificate and key. .. code-block:: console - # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg upgrade.sh pkg_installer_mac.sh + # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg upgrade.sh pkg_installer.sh Definitions: @@ -213,7 +196,7 @@ Definitions: - ``path/to/wpkcert.key`` is the path to the SSL certificate's key. - ``wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg`` is the PKG file downloaded in step 3. - ``upgrade.sh`` is the script that run first when the WPK is deployed in the target agent. Find an example at the base directory in the Wazuh repository. - - ``pkg_installer_mac.sh`` is the script that manages the WPK upgrade procedure. Find an example in ``src/init`` in the Wazuh repository. + - ``pkg_installer.sh`` is the script that manages the WPK upgrade procedure. Find an example in ``src/init`` in the Wazuh repository. .. note:: These are only examples. If you want to distribute a WPK package using these methods, it's important to begin with an empty directory. From e5479a88207b565fc8adc4e572372c3a4e721b74 Mon Sep 17 00:00:00 2001 From: Jotacarma90 Date: Fri, 17 May 2024 13:58:48 +0200 Subject: [PATCH 09/13] Add new parameter to macOS package script generation --- source/development/packaging/generate-osx-package.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/source/development/packaging/generate-osx-package.rst b/source/development/packaging/generate-osx-package.rst index 4df227cb18..583e5f4e7f 100644 --- a/source/development/packaging/generate-osx-package.rst +++ b/source/development/packaging/generate-osx-package.rst @@ -47,6 +47,7 @@ Execute the ``generate_wazuh_packages.sh`` script, with the different options yo -d, --debug [Optional] Build the binaries with debug symbols. By default: no. -c, --checksum [Optional] Generate checksum on the desired path (by default, if no path is specified it will be generated on the same directory than the package). --is_stage [Optional] Use release name in package + -nc, --not-compile [Optional] Set whether or not to compile the code. -h, --help [ Util ] Show this help. -i, --install-deps [ Util ] Install build dependencies (Packages). -x, --install-xcode [ Util ] Install X-Code and brew. Can't be executed as root. From 4794d4c74632475d096cadefbbceef5b770291ae Mon Sep 17 00:00:00 2001 From: Manuel Date: Tue, 21 May 2024 13:52:12 +0200 Subject: [PATCH 10/13] Fix: addressed requested changes --- source/development/packaging/generate-deb-rpm-package.rst | 2 +- source/development/packaging/generate-osx-package.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/source/development/packaging/generate-deb-rpm-package.rst b/source/development/packaging/generate-deb-rpm-package.rst index cfa88ceadf..379f161ca2 100644 --- a/source/development/packaging/generate-deb-rpm-package.rst +++ b/source/development/packaging/generate-deb-rpm-package.rst @@ -18,7 +18,7 @@ Requirements * Docker * Git -Download our wazuh repository from GitHub and go to the debs directory. +Download our wazuh repository from GitHub and go to the packages directory. .. code-block:: console diff --git a/source/development/packaging/generate-osx-package.rst b/source/development/packaging/generate-osx-package.rst index 583e5f4e7f..6b3ae5288d 100644 --- a/source/development/packaging/generate-osx-package.rst +++ b/source/development/packaging/generate-osx-package.rst @@ -40,7 +40,7 @@ Execute the ``generate_wazuh_packages.sh`` script, with the different options yo Build options: -a, --architecture [Optional] Target architecture of the package [intel64/arm64]. By Default: intel64. - -b, --branch [Optional] Select Git branch []. + -b, --branch [Optional] Select Git branch. -s, --store-path [Optional] Set the destination absolute path of package. -j, --jobs [Optional] Number of parallel jobs when compiling. -r, --revision [Optional] Package revision that append to version e.g. x.x.x-rev From 0f36450b3865f00f93a04a90d636942a602587c3 Mon Sep 17 00:00:00 2001 From: Manuel Date: Tue, 21 May 2024 16:52:59 +0200 Subject: [PATCH 11/13] Enhancement: added clearer titles to packages generation section --- source/development/packaging/generate-aix-package.rst | 5 +++-- source/development/packaging/generate-deb-rpm-package.rst | 5 +++-- source/development/packaging/generate-hpux-package.rst | 5 +++-- source/development/packaging/generate-osx-package.rst | 5 +++-- source/development/packaging/generate-sol-package.rst | 5 +++-- source/development/packaging/generate-windows-package.rst | 5 +++-- 6 files changed, 18 insertions(+), 12 deletions(-) diff --git a/source/development/packaging/generate-aix-package.rst b/source/development/packaging/generate-aix-package.rst index def22b3f07..d9e333878a 100644 --- a/source/development/packaging/generate-aix-package.rst +++ b/source/development/packaging/generate-aix-package.rst @@ -5,8 +5,9 @@ .. _create-aix: -AIX -=== +========= +AIX agent +========= Wazuh provides an automated way of building AIX packages, keep in mind that to build an AIX package you must run this tool in an AIX system. diff --git a/source/development/packaging/generate-deb-rpm-package.rst b/source/development/packaging/generate-deb-rpm-package.rst index 379f161ca2..df15112150 100644 --- a/source/development/packaging/generate-deb-rpm-package.rst +++ b/source/development/packaging/generate-deb-rpm-package.rst @@ -5,8 +5,9 @@ .. _create-deb-rpm: -Debian or RPM -============= +=================== +Linux manager/agent +=================== Wazuh provides an automated way of building DEB or RPM packages using docker so there is no need for any other dependency. diff --git a/source/development/packaging/generate-hpux-package.rst b/source/development/packaging/generate-hpux-package.rst index 747abd6cb6..a72ca1da35 100644 --- a/source/development/packaging/generate-hpux-package.rst +++ b/source/development/packaging/generate-hpux-package.rst @@ -5,8 +5,9 @@ .. _create-hpux: -HPUX -==== +========== +HPUX agent +========== Wazuh provides an automated way of building HPUX packages, keep in mind that to build an HPUX package you must run this tool in an HPUX system. diff --git a/source/development/packaging/generate-osx-package.rst b/source/development/packaging/generate-osx-package.rst index 6b3ae5288d..dcbf7ed5a2 100644 --- a/source/development/packaging/generate-osx-package.rst +++ b/source/development/packaging/generate-osx-package.rst @@ -5,8 +5,9 @@ .. _create-osx: -macOS -===== +=========== +macOS agent +=========== Wazuh provides an automated way of building macOS packages, keep in mind that to build an macOS package you must run this tool in an macOS system. diff --git a/source/development/packaging/generate-sol-package.rst b/source/development/packaging/generate-sol-package.rst index 8660b06bf4..876f098341 100644 --- a/source/development/packaging/generate-sol-package.rst +++ b/source/development/packaging/generate-sol-package.rst @@ -5,8 +5,9 @@ .. _create-sol: -Solaris -======= +============= +Solaris agent +============= Wazuh provides an automated way of building Solaris 10 and 11 packages, keep in mind that to build these packages you must use the corresponding system. diff --git a/source/development/packaging/generate-windows-package.rst b/source/development/packaging/generate-windows-package.rst index 1f5c675cb2..ace7a25fa4 100644 --- a/source/development/packaging/generate-windows-package.rst +++ b/source/development/packaging/generate-windows-package.rst @@ -5,8 +5,9 @@ .. _create-windows: -Windows -======= +============= +Windows agent +============= Wazuh provides an automated way of building Windows packages. From 01b1fe2ef6d381db29018e615f4ff2d2104e2a53 Mon Sep 17 00:00:00 2001 From: Luis Enrique Chico Capistrano Date: Fri, 31 May 2024 11:16:18 -0300 Subject: [PATCH 12/13] Update the redirections and address minor comments. --- source/_static/js/redirects.js | 65 +++++++++++-------- .../packaging/generate-aix-package.rst | 3 +- .../packaging/generate-deb-rpm-package.rst | 1 - .../packaging/generate-hpux-package.rst | 1 - .../packaging/generate-osx-package.rst | 1 - .../packaging/generate-sol-package.rst | 1 - .../packaging/generate-windows-package.rst | 1 - 7 files changed, 40 insertions(+), 33 deletions(-) diff --git a/source/_static/js/redirects.js b/source/_static/js/redirects.js index b35812faf9..91bc152bde 100644 --- a/source/_static/js/redirects.js +++ b/source/_static/js/redirects.js @@ -78,6 +78,16 @@ redirections.push( '4.8': '/deployment-options/offline-installation.html', '4.9': '/deployment-options/offline-installation/step-by-step.html', }, + { + 'target': ['4.8=>4.9'], + '4.8': '/development/packaging/generate-deb-package.html', + '4.9': '/development/packaging/generate-deb-rpm-package.html', + }, + { + 'target': ['4.8=>4.9'], + '4.8': '/development/packaging/generate-rpm-package.html', + '4.9': '/development/packaging/generate-deb-rpm-package.html', + }, ); /* Pages added in 4.9 */ @@ -89,12 +99,15 @@ newUrls['4.9'] = [ '/deployment-options/offline-installation/installation-assistant.html', '/development/coredump.html', '/development/packaging/generate-indexer-package.html', + 'development/packaging/generate-deb-rpm-package.html', ]; /* Pages no longer available in 4.9 */ removedUrls['4.9'] = [ '/deployment-options/offline-installation.html', + '/development/packaging/generate-deb-package.html', + '/development/packaging/generate-rpm-package.html', ]; /* *** RELEASE 4.8 ****/ @@ -812,7 +825,7 @@ removedUrls['4.6'] = [ '/user-manual/elasticsearch/configure-indices.html', '/user-manual/elasticsearch/elasticsearch.html', '/user-manual/elasticsearch/index.html', - '/user-manual/elasticsearch/troubleshooting.html', + '/user-manual/elasticsearch/troubleshooting.html', '/user-manual/elasticsearch/elastic-tuning.html', '/user-manual/uninstall/central-components.html', '/user-manual/uninstall/elastic-stack.html', @@ -909,7 +922,7 @@ newUrls['4.5'] = [ '/integrations-guide/elastic-stack/index.html', '/integrations-guide/opensearch/index.html', '/integrations-guide/splunk/index.html', - '/user-manual/capabilities/log-data-collection/configuration.html', + '/user-manual/capabilities/log-data-collection/configuration.html', '/user-manual/capabilities/log-data-collection/log-data-analysis.html', '/user-manual/capabilities/log-data-collection/monitoring-log-files.html', '/user-manual/capabilities/log-data-collection/multiple-socket-outputs.html', @@ -954,7 +967,7 @@ removedUrls['4.5'] = [ '/user-manual/elasticsearch/elastic-tuning.html', '/user-manual/elasticsearch/elasticsearch.html', '/user-manual/elasticsearch/index.html', - '/user-manual/elasticsearch/troubleshooting.html', + '/user-manual/elasticsearch/troubleshooting.html', ]; /* *** RELEASE 4.4 ****/ @@ -991,12 +1004,12 @@ redirections.push( 'target': ['4.3=>4.4', '4.4=>4.3'], '4.3': '/user-manual/capabilities/file-integrity/fim-configuration.html', '4.4': '/user-manual/capabilities/file-integrity/index.html', - }, + }, { 'target': ['4.3=>4.4', '4.4=>4.3'], '4.3': '/user-manual/capabilities/file-integrity/fim-fields-rule-mapping.html', '4.4': '/user-manual/capabilities/file-integrity/index.html', - }, + }, { 'target': ['4.3=>4.4', '4.4=>4.3'], '4.3': '/user-manual/capabilities/antiflooding.html', @@ -1006,7 +1019,7 @@ redirections.push( 'target': ['4.3=>4.4', '4.4=>4.3'], '4.3': '/user-manual/capabilities/labels.html', '4.4': '/user-manual/agents/labels.html', - }, + }, { 'target': ['4.3=>4.4', '4.4=>4.3'], '4.3': '/user-manual/capabilities/fluent-forwarder.html', @@ -1594,7 +1607,7 @@ newUrls['4.4'] = [ '/compliance/nist/system-inventory.html', '/compliance/nist/vulnerability-detection.html', '/compliance/nist/active-response.html', - '/compliance/nist/threat-intelligence.html', + '/compliance/nist/threat-intelligence.html', '/compliance/tsc/index.html', '/compliance/tsc/common-criteria/cc2.1.html', '/compliance/tsc/common-criteria/cc3.1.html', @@ -1615,7 +1628,7 @@ newUrls['4.4'] = [ '/user-manual/capabilities/file-integrity/basic-settings.html', '/user-manual/capabilities/file-integrity/how-to-configure-fim.html', '/user-manual/capabilities/file-integrity/interpreting-fim-module-analysis.html', - '/user-manual/capabilities/file-integrity/creating-custom-fim-rules.html', + '/user-manual/capabilities/file-integrity/creating-custom-fim-rules.html', '/user-manual/capabilities/file-integrity/advanced-settings.html', '/user-manual/capabilities/file-integrity/use-cases/index.html', '/user-manual/capabilities/file-integrity/use-cases/detecting-malware-persistence-technique.html', @@ -1638,7 +1651,7 @@ newUrls['4.4'] = [ '/user-manual/capabilities/system-calls-monitoring/use-cases/privilege-abuse.html', '/user-manual/capabilities/agentless-monitoring/connection.html', '/user-manual/capabilities/agentless-monitoring/visualization.html', - '/user-manual/capabilities/agentless-monitoring/use-cases.html', + '/user-manual/capabilities/agentless-monitoring/use-cases.html', '/user-manual/capabilities/vulnerability-detection/querying-the-vulnerability-database.html', '/user-manual/files-backup/creating/index.html', '/user-manual/files-backup/creating/wazuh-central-components.html', @@ -1721,8 +1734,8 @@ removedUrls['4.4'] = [ '/user-manual/capabilities/auditing-whodata/index.html', '/user-manual/capabilities/auditing-whodata/who-linux.html', '/user-manual/capabilities/auditing-whodata/who-windows.html', - '/user-manual/capabilities/auditing-whodata/who-windows-policies.html', - '/user-manual/capabilities/syscollector.html', + '/user-manual/capabilities/auditing-whodata/who-windows-policies.html', + '/user-manual/capabilities/syscollector.html', '/user-manual/capabilities/agentless-monitoring/agentless-faq.html', '/container-security/index.html', '/container-security/docker-monitor/index.html', @@ -1734,7 +1747,7 @@ removedUrls['4.4'] = [ ]; /* *** RELEASE 4.3 ****/ - + /* Pages added in 4.3 */ newUrls['4.3'] = [ @@ -1755,7 +1768,7 @@ newUrls['4.3'] = [ '/user-manual/elasticsearch/configure-indices.html', '/user-manual/elasticsearch/elasticsearch.html', '/user-manual/elasticsearch/index.html', - '/user-manual/elasticsearch/troubleshooting.html', + '/user-manual/elasticsearch/troubleshooting.html', '/user-manual/wazuh-dashboard/settings.html', '/user-manual/wazuh-dashboard/config-file.html', '/user-manual/wazuh-dashboard/index.html', @@ -1910,7 +1923,7 @@ newUrls['4.3'] = [ '/deployment-options/deploying-with-puppet/wazuh-puppet-module/reference-wazuh-puppet/wazuh-manager-class.html', '/deployment-options/amazon-machine-images/amazon-machine-images.html', '/release-notes/release-4-3-0.html', - '/pci-dss/configuration-assessment.html', + '/pci-dss/configuration-assessment.html', '/pci-dss/malware-detection.html', '/pci-dss/vulnerability-detection.html', '/pci-dss/system-inventory.html', @@ -2073,7 +2086,7 @@ removedUrls['4.3'] = [ '/migrating-from-ossec/ossec-server.html', '/migrating-from-ossec/ossec-agent.html', '/learning-wazuh/build-lab/access-ec2-instances.html', - '/learning-wazuh/build-lab/build-vpc.html', + '/learning-wazuh/build-lab/build-vpc.html', '/learning-wazuh/build-lab/launch-ec2-instances.html', '/learning-wazuh/build-lab/xpack-security-setup.html', '/learning-wazuh/build-lab/install-elastic-stack.html', @@ -2095,7 +2108,7 @@ removedUrls['4.3'] = [ '/pci-dss/policy-monitoring.html', '/pci-dss/rootkit-detection.html', '/pci-dss/elastic.html', - '/upgrade-guide/upgrading-agent.html', + '/upgrade-guide/upgrading-agent.html', '/user-manual/capabilities/anomalies-detection/anomaly-configuration.html', '/user-manual/capabilities/anomalies-detection/anomaly-faq.html', '/user-manual/capabilities/anomalies-detection/how-it-works.html', @@ -3080,7 +3093,7 @@ newUrls['4.2'] = [ '/upgrade-guide/legacy/upgrading-wazuh-server/restore-alerts-from-2.x-to-3.x.html', '/user-manual/agent-enrollment/index.html', '/user-manual/agent-enrollment/via-agent-configuration/index.html', - '/user-manual/agent-enrollment/via-agent-configuration/linux-endpoint.html', + '/user-manual/agent-enrollment/via-agent-configuration/linux-endpoint.html', '/user-manual/agent-enrollment/via-agent-configuration/windows-endpoint.html', '/user-manual/agent-enrollment/via-agent-configuration/macos-endpoint.html', '/user-manual/agent-enrollment/via-manager-API/index.html', @@ -3088,9 +3101,9 @@ newUrls['4.2'] = [ '/user-manual/agent-enrollment/via-manager-API/importing-the-key.html', '/user-manual/agent-enrollment/security-options/index.html', '/user-manual/agent-enrollment/security-options/using-password-authentication.html', - '/user-manual/agent-enrollment/security-options/manager-identity-verification.html', - '/user-manual/agent-enrollment/security-options/agent-identity-verification.html', - '/user-manual/agent-enrollment/troubleshooting.html', + '/user-manual/agent-enrollment/security-options/manager-identity-verification.html', + '/user-manual/agent-enrollment/security-options/agent-identity-verification.html', + '/user-manual/agent-enrollment/troubleshooting.html', ]; removedUrls['4.2'] = [ @@ -3241,7 +3254,7 @@ removedUrls['4.2'] = [ '/user-manual/registering/index.html', '/user-manual/registering/command-line-registration.html', '/user-manual/registering/restful-api-registration.html', - '/user-manual/registering/password-authorization-registration.html', + '/user-manual/registering/password-authorization-registration.html', '/user-manual/registering/host-verification-registration.html', '/user-manual/registering/registering-agents-theory.html', '/user-manual/registering/registering-agents-troubleshooting.html', @@ -3261,7 +3274,7 @@ redirections.push( { 'target': ['4.2=>4.1'], '4.2': '/getting-started/components/kibana.html', - '4.1': '/getting-started/components/elastic-stack.html', + '4.1': '/getting-started/components/elastic-stack.html', }, { 'target': ['4.1=>4.2', '4.2=>4.1'], @@ -3297,7 +3310,7 @@ redirections.push( 'target': ['4.1=>4.2', '4.2=>4.1'], '4.1': '/user-manual/registering/registering-agents-troubleshooting.html', '4.2': '/user-manual/agent-enrollment/troubleshooting.html', - }, + }, { 'target': ['4.1=>4.2', '4.2=>4.1'], '4.1': '/deploying-with-ansible/roles/wazuh-elasticsearch.html', @@ -4976,9 +4989,9 @@ redirections.push( ); newUrls['3.13'] = [ - '/release-notes/release-3-13-6.html', - '/release-notes/release-3-13-5.html', - '/release-notes/release-3-13-4.html', + '/release-notes/release-3-13-6.html', + '/release-notes/release-3-13-5.html', + '/release-notes/release-3-13-4.html', '/release-notes/release_3_13_3.html', '/release-notes/release_3_13_2.html', '/getting-started/use_cases/index.html', diff --git a/source/development/packaging/generate-aix-package.rst b/source/development/packaging/generate-aix-package.rst index d9e333878a..cc54cf9361 100644 --- a/source/development/packaging/generate-aix-package.rst +++ b/source/development/packaging/generate-aix-package.rst @@ -2,10 +2,9 @@ .. meta:: :description: Wazuh provides an automated way of building AIX packages. Learn how to build your own Wazuh AIX packages in this section of our documentation. - + .. _create-aix: -========= AIX agent ========= diff --git a/source/development/packaging/generate-deb-rpm-package.rst b/source/development/packaging/generate-deb-rpm-package.rst index df15112150..d56646ab5b 100644 --- a/source/development/packaging/generate-deb-rpm-package.rst +++ b/source/development/packaging/generate-deb-rpm-package.rst @@ -5,7 +5,6 @@ .. _create-deb-rpm: -=================== Linux manager/agent =================== diff --git a/source/development/packaging/generate-hpux-package.rst b/source/development/packaging/generate-hpux-package.rst index a72ca1da35..44278aa975 100644 --- a/source/development/packaging/generate-hpux-package.rst +++ b/source/development/packaging/generate-hpux-package.rst @@ -5,7 +5,6 @@ .. _create-hpux: -========== HPUX agent ========== diff --git a/source/development/packaging/generate-osx-package.rst b/source/development/packaging/generate-osx-package.rst index dcbf7ed5a2..ed25fc9914 100644 --- a/source/development/packaging/generate-osx-package.rst +++ b/source/development/packaging/generate-osx-package.rst @@ -5,7 +5,6 @@ .. _create-osx: -=========== macOS agent =========== diff --git a/source/development/packaging/generate-sol-package.rst b/source/development/packaging/generate-sol-package.rst index 876f098341..c030e2b608 100644 --- a/source/development/packaging/generate-sol-package.rst +++ b/source/development/packaging/generate-sol-package.rst @@ -5,7 +5,6 @@ .. _create-sol: -============= Solaris agent ============= diff --git a/source/development/packaging/generate-windows-package.rst b/source/development/packaging/generate-windows-package.rst index ace7a25fa4..04950efaec 100644 --- a/source/development/packaging/generate-windows-package.rst +++ b/source/development/packaging/generate-windows-package.rst @@ -5,7 +5,6 @@ .. _create-windows: -============= Windows agent ============= From 26d1ce5e8ddc736c8220696897ea5ef5d4012432 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 31 May 2024 15:43:01 -0300 Subject: [PATCH 13/13] Add format and minor changes --- .../packaging/generate-deb-rpm-package.rst | 93 +++++++++---------- .../packaging/generate-wpk-package.rst | 54 +++++------ .../generate-wpk-package-manually.rst | 24 ++--- 3 files changed, 85 insertions(+), 86 deletions(-) diff --git a/source/development/packaging/generate-deb-rpm-package.rst b/source/development/packaging/generate-deb-rpm-package.rst index d56646ab5b..fa37ec72dc 100644 --- a/source/development/packaging/generate-deb-rpm-package.rst +++ b/source/development/packaging/generate-deb-rpm-package.rst @@ -1,61 +1,58 @@ .. Copyright (C) 2015, Wazuh, Inc. .. meta:: - :description: Wazuh provides an automated way of building DEB or RPM packages. Learn how to build your own Wazuh DEB or RPM packages in this section of our documentation. - -.. _create-deb-rpm: + :description: Wazuh provides an automated way of building DEB and RPM packages. Learn how to build your own Wazuh DEB and RPM packages in this section of our documentation. Linux manager/agent =================== -Wazuh provides an automated way of building DEB or RPM packages using docker so there is no need for any other dependency. +Wazuh provides an automated way of building DEB and RPM packages using Docker so there is no need for any other dependency. -To create an Debian or RPM package follow these steps: +To create a Debian or RPM package follow these steps: Requirements ^^^^^^^^^^^^ - * Docker - * Git +- Docker +- Git Download our wazuh repository from GitHub and go to the packages directory. .. code-block:: console - $ git clone https://github.com/wazuh/wazuh && cd wazuh/packages && git checkout v|WAZUH_CURRENT| + $ git clone https://github.com/wazuh/wazuh && cd wazuh/packages && git checkout v|WAZUH_CURRENT| -Execute the ``generate_package.sh`` script, with the different options you desire. This script will build a Docker image with all the necessary tools to create the DEB or RPM and run a container that will build it: +Execute the ``generate_package.sh`` script with your desired options. This script builds a Docker image with all the necessary tools to create the DEB or RPM package and run a container that builds it: .. code-block:: console - # ./generate_package.sh -h + # ./generate_package.sh -h .. code-block:: none - :class: output - - Usage: packages/generate_package.sh [OPTIONS] - - -b, --branch [Optional] Select Git branch. - -t, --target [Required] Target package to build: manager or agent. - -a, --architecture [Optional] Target architecture of the package [amd64/i386/ppc64le/arm64/armhf]. - -j, --jobs [Optional] Change number of parallel jobs when compiling the manager or agent. By default: 2. - -r, --revision [Optional] Package revision. By default: 0. - -s, --store [Optional] Set the destination path of package. By default, an output folder will be created. - -p, --path [Optional] Installation path for the package. By default: /var/ossec. - -d, --debug [Optional] Build the binaries with debug symbols. By default: no. - -c, --checksum [Optional] Generate checksum on the same directory than the package. By default: no. - -l, --legacy [Optional only for RPM] Build package for CentOS 5. - --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. - --tag [Optional] Tag to use with the docker image. - --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub. By default use the script path. - --is_stage [Optional] Use release name in package. - --system [Optional] Select Package OS [rpm, deb]. By default is 'deb'. - --src [Optional] Generate the source package in the destination directory. - --future [Optional] Build test future package x.30.0 Used for development purposes. - -h, --help Show this help. - -Below, you will find some examples of how to build a DEB or RPM package. - + :class: output + + Usage: packages/generate_package.sh [OPTIONS] + + -b, --branch [Optional] Select Git branch. + -t, --target [Required] Target package to build: manager or agent. + -a, --architecture [Optional] Target architecture of the package [amd64/i386/ppc64le/arm64/armhf]. + -j, --jobs [Optional] Change number of parallel jobs when compiling the manager or agent. By default: 2. + -r, --revision [Optional] Package revision. By default: 0. + -s, --store [Optional] Set the destination path of package. By default, an output folder will be created. + -p, --path [Optional] Installation path for the package. By default: /var/ossec. + -d, --debug [Optional] Build the binaries with debug symbols. By default: no. + -c, --checksum [Optional] Generate checksum on the same directory than the package. By default: no. + -l, --legacy [Optional only for RPM] Build package for CentOS 5. + --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. + --tag [Optional] Tag to use with the docker image. + --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub. By default use the script path. + --is_stage [Optional] Use release name in package. + --system [Optional] Select Package OS [rpm, deb]. By default is 'deb'. + --src [Optional] Generate the source package in the destination directory. + --future [Optional] Build test future package x.30.0 Used for development purposes. + -h, --help Show this help. + +Below, you will find some examples of how to build a DEB and an RPM package. .. tabs:: @@ -63,32 +60,34 @@ Below, you will find some examples of how to build a DEB or RPM package. .. code-block:: console - # ./generate_package.sh -s /tmp -t manager -a amd64 -r my_rev --system deb + # ./generate_package.sh -s /tmp -t manager -a amd64 -r my_rev --system deb - This will generate a |WAZUH_CURRENT| Wazuh manager package DEB with revision ``my_rev`` for ``amd64`` systems. + This command generates a |WAZUH_CURRENT| Wazuh manager DEB package with revision ``my_rev`` for ``amd64`` systems. .. code-block:: console - # ./generate_package.sh -t agent -a amd64 -p /opt/ossec --system deb + # ./generate_package.sh -t agent -a amd64 -p /opt/ossec --system deb - This will generate a |WAZUH_CURRENT| Wazuh agent DEB package with ``/opt/ossec`` as installation directory for ``amd64`` systems. + This command generates a |WAZUH_CURRENT| Wazuh agent DEB package with ``/opt/ossec/`` as installation directory for ``amd64`` systems. .. group-tab:: RPM .. note:: - Use the following architecture equivalences: - * amd64 -> x86_64 - * arm64 -> aarch64 - * armhf -> armv7hl + + Use the following architecture equivalences: + + - ``amd64`` -> x86_64 + - ``arm64`` -> aarch64 + - ``armhf`` -> armv7hl .. code-block:: console - # ./generate_package.sh -s /tmp -t manager -a amd64 -r my_rev --system rpm + # ./generate_package.sh -s /tmp -t manager -a amd64 -r my_rev --system rpm - This will generate a |WAZUH_CURRENT| Wazuh manager RPM package with revision ``my_rev`` for ``x86_64`` systems. + This command generates a |WAZUH_CURRENT| Wazuh manager RPM package with revision ``my_rev`` for x86_64 systems. .. code-block:: console - # ./generate_package.sh -t agent -a amd64 -p /opt/ossec --system rpm + # ./generate_package.sh -t agent -a amd64 -p /opt/ossec --system rpm - This will generate a |WAZUH_CURRENT| Wazuh agent RPM package with ``/opt/ossec`` as installation directory for ``x86_64`` systems. + This command generates a |WAZUH_CURRENT| Wazuh agent RPM package with ``/opt/ossec/`` as installation directory for x86_64 systems. diff --git a/source/development/packaging/generate-wpk-package.rst b/source/development/packaging/generate-wpk-package.rst index 813e43bf02..f7aed7b50f 100644 --- a/source/development/packaging/generate-wpk-package.rst +++ b/source/development/packaging/generate-wpk-package.rst @@ -20,11 +20,11 @@ Requirements * Docker * Git -Download our wazuh repository from GitHub and go to the wpk directory. +Download our wazuh repository from GitHub and go to the ``wpk`` directory. .. code-block:: console - $ git clone https://github.com/wazuh/wazuh && cd wazuh/packages/wpk && git checkout v|WAZUH_CURRENT| + $ git clone https://github.com/wazuh/wazuh && cd wazuh/packages/wpk && git checkout v|WAZUH_CURRENT| Execute the ``generate_wpk_package.sh`` script, with the different options you desire. This script will build a Docker image with all the necessary tools to create the WPK and run a container that will build it: @@ -33,24 +33,24 @@ Execute the ``generate_wpk_package.sh`` script, with the different options you d $ ./generate_wpk_package.sh -h .. code-block:: none - :class: output - - Usage: packages/wpk/generate_wpk_package.sh [OPTIONS] - It is required to use -k or --aws-wpk-key, --aws-wpk-cert parameters - - -t, --target-system [Required] Select target wpk to build [linux/windows/macos]. - -b, --branch [Required] Select Git branch. - -d, --destination [Required] Set the destination path of package. - -pn, --package-name [Required] Path to package file (rpm, deb, apk, msi, pkg) to pack in wpk. - -o, --output [Required] Name to the output package. - -k, --key-dir [Optional] Set the WPK key path to sign package. - --aws-wpk-key [Optional] AWS Secrets manager Name/ARN to get WPK private key. - --aws-wpk-cert [Optional] AWS secrets manager Name/ARN to get WPK certificate. - --aws-wpk-key-region [Optional] AWS Region where secrets are stored. - -c, --checksum [Optional] Generate checksum on destination folder. By default: no. - --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. By default: yes. - --tag [Optional] Tag to use with the docker image. - -h, --help Show this help. + :class: output + + Usage: packages/wpk/generate_wpk_package.sh [OPTIONS] + It is required to use -k or --aws-wpk-key, --aws-wpk-cert parameters + + -t, --target-system [Required] Select target wpk to build [linux/windows/macos]. + -b, --branch [Required] Select Git branch. + -d, --destination [Required] Set the destination path of package. + -pn, --package-name [Required] Path to package file (rpm, deb, apk, msi, pkg) to pack in wpk. + -o, --output [Required] Name to the output package. + -k, --key-dir [Optional] Set the WPK key path to sign package. + --aws-wpk-key [Optional] AWS Secrets manager Name/ARN to get WPK private key. + --aws-wpk-cert [Optional] AWS secrets manager Name/ARN to get WPK certificate. + --aws-wpk-key-region [Optional] AWS Region where secrets are stored. + -c, --checksum [Optional] Generate checksum on destination folder. By default: no. + --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one. By default: yes. + --tag [Optional] Tag to use with the docker image. + -h, --help Show this help. To use this tool, the previously required :ref:`certificate ` and the key must be in the same directory. @@ -64,17 +64,17 @@ The following example demonstrates the process for Debian ``amd64``, but you can .. code-block:: console - # curl -O |DEB_AGENT_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb + # curl -O |DEB_AGENT_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb Below, you will find an example of Linux WPK package building. .. code-block:: console - # ./generate_wpk_package.sh -t linux -b v|WAZUH_CURRENT| -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -pn /tmp/wazuh-agent_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb + # ./generate_wpk_package.sh -t linux -b v|WAZUH_CURRENT| -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -pn /tmp/wazuh-agent_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb This script builds a Wazuh |WAZUH_CURRENT| Linux WPK package named LinuxAgent.wpk and stores it in ``/tmp/wpk``. This action is done using the previously generated keys that are saved in ``/tmp/keys``. -If the ``-c`` or ``--checksum`` option is used, a file is created containing the SHA512 checksum in the same output path. This location is configurable and you can indicate where you want to store it. +If you use the ``-c`` or ``--checksum`` option, a file containing the SHA512 checksum is created in the same output path. This location is configurable, allowing you to indicate where you want to store it. Windows WPK ^^^^^^^^^^^ @@ -100,17 +100,17 @@ macOS WPK To build a WPK for macOS you need to first download a PKG package of the desired version: -The following example demonstrates the process for a ``intel64`` Architecture, but you can follow similar steps for ``arm64``: +The following example demonstrates the process for an ``intel64`` architecture, but you can follow similar steps for ``arm64``: .. code-block:: console - # curl -O https://packages.wazuh.com/|WAZUH_CURRENT_MAJOR_OSX|/macos/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.intel64.pkg + # curl -O https://packages.wazuh.com/|WAZUH_CURRENT_MAJOR_OSX|/macos/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.intel64.pkg Below, you will find an example of macOS WPK package building. .. code-block:: console - # ./generate_wpk_package.sh -t macos -b v|WAZUH_CURRENT_OSX| -d /tmp/wpk -k /tmp/keys -o macOSAgent.wpk -pn /tmp/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.intel64.pkg + # ./generate_wpk_package.sh -t macos -b v|WAZUH_CURRENT_OSX| -d /tmp/wpk -k /tmp/keys -o macOSAgent.wpk -pn /tmp/wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.intel64.pkg This script builds a Wazuh |WAZUH_CURRENT_OSX| macOS WPK package named macOSAgent.wpk and stores it in ``/tmp/wpk``. This action is done using the previously generated keys that are saved in ``/tmp/keys``. @@ -123,4 +123,4 @@ Here you can see an example of how to build a WPK with checksum: .. code-block:: console - # ./generate_wpk_package.sh -t linux -b v|WAZUH_CURRENT| -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -pn /tmp/wazuh-agent_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb -c /tmp/wpk_checksum + # ./generate_wpk_package.sh -t linux -b v|WAZUH_CURRENT| -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -pn /tmp/wazuh-agent_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb -c /tmp/wpk_checksum diff --git a/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst b/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst index 3ce43a6469..e65e12073c 100644 --- a/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst +++ b/source/user-manual/agent/agent-management/remote-upgrading/create-custom-wpk/generate-wpk-package-manually.rst @@ -47,14 +47,14 @@ Linux WPK .. code-block:: console - # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx - # cd wazuh-|WAZUH_CURRENT| + # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx + # cd wazuh-|WAZUH_CURRENT| -#. Download the latest version of the Wazuh DEB or RPM package (i.e., for Debian): +#. Download the latest version of the Wazuh DEB or RPM package. For example, for Debian: .. code-block:: console - # curl -Ls |DEB_AGENT_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb --output wazuh-agent-|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb + # curl -Ls |DEB_AGENT_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb --output wazuh-agent-|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb #. Install the root CA if you want to overwrite the root CA with the file you created previously. @@ -66,13 +66,13 @@ Linux WPK .. code-block:: console - # cp src/init/pkg_installer.sh . + # cp src/init/pkg_installer.sh . -#. Compile the WPK package using the PKG package and, your SSL certificate and key. +#. Compile the WPK package using the PKG package, along with your SSL certificate and key. .. code-block:: console - # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key wazuh-agent-|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb upgrade.sh pkg_installer.sh + # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key wazuh-agent-|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_AGENT_X86|_amd64.deb upgrade.sh pkg_installer.sh Definitions: @@ -108,8 +108,8 @@ Windows WPK .. code-block:: console - # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx - # cd wazuh-|WAZUH_CURRENT| + # curl -Ls https://github.com/wazuh/wazuh/archive/v|WAZUH_CURRENT|.tar.gz | tar zx + # cd wazuh-|WAZUH_CURRENT| #. Download the latest version of the Wazuh MSI package. @@ -123,7 +123,7 @@ Windows WPK # cp path/to/wpk_root.pem etc/wpk_root.pem -#. Compile the WPK package using the MSI package and, your SSL certificate and key. +#. Compile the WPK package using the MSI package, along with your SSL certificate and key. .. code-block:: console @@ -181,13 +181,13 @@ macOS WPK .. code-block:: console - # cp src/init/pkg_installer.sh . + # cp src/init/pkg_installer.sh . #. Compile the WPK package using the PKG package and, your SSL certificate and key. .. code-block:: console - # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg upgrade.sh pkg_installer.sh + # tools/agent-upgrade/wpkpack.py output/myagent.wpk path/to/wpkcert.pem path/to/wpkcert.key wazuh-agent-|WAZUH_CURRENT_OSX|-|WAZUH_REVISION_OSX|.pkg upgrade.sh pkg_installer.sh Definitions: