Add bash scripts for MVP validation tests

test-tools/scripts/00_check_package_built.sh

@@ -0,0 +1,75 @@
+#!/bin/bash
+
+## SPDX-License-Identifier: Apache-2.0
+## The OpenSearch Contributors require contributions made to
+# this file be licensed under the Apache-2.0 license or a
+# compatible open source license.
+
+# Check if the necessary arguments are provided
+if [ "$#" -ne 2 ]; then
+    echo "Usage: $0 <RUN_ID> <PKG_VERSION> <(Optional)PKG_REVISION>"
+    echo
+    echo "Parameters:"
+    echo "    RUN_ID         The GHA workflow execution ID."
+    echo "    PKG_VERSION    The version of the wazuh-indexer package."
+    echo "    PKG_REVISION   (Optional) The revision of the package. Defaults to 'test' if not provided."
+    echo
+    echo "Please ensure you have the GITHUB_TOKEN environment variable set to access the GitHub repository."
+    echo
+    exit 1
+fi
+
+RUN_ID=$1
+PKG_VERSION=$2
+PKG_REVISION=${3:-"0"}
+REPO="wazuh/wazuh-indexer"
+URL="https://api.github.com/repos/$REPO/actions/artifacts"
+
+# Detect OS and architecture
+if [ -f /etc/os-release ]; then
+    . /etc/os-release
+    OS=$(echo $NAME | tr '[:upper:]' '[:lower:]')
+else
+    echo "Unsupported OS."
+    exit 1
+fi
+
+ARCH=$(uname -m)
+# Determine package type
+case "$OS" in
+    "ubuntu" | "debian")
+        PKG_FORMAT="deb"
+        [ "$ARCH" == "x86_64" ] && ARCH="amd64"
+        PKG_NAME="wazuh-indexer_${PKG_VERSION}-${PKG_REVISION}_${ARCH}.${PKG_FORMAT}"
+        ;;
+    "centos" | "fedora" | "rhel" | "red hat enterprise linux")
+        PKG_FORMAT="rpm"
+        PKG_NAME="wazuh-indexer-${PKG_VERSION}-${PKG_REVISION}.${ARCH}.${PKG_FORMAT}"
+        ;;
+    *)
+        echo "Unsupported OS. ${OS}"
+        exit 1
+        ;;
+esac
+
+# Fetch the list of artifacts
+echo "Fetching artifacts list..."
+RESPONSE=$(curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer $GITHUB_TOKEN" -H "X-GitHub-Api-Version: 2022-11-28" $URL?name=$PKG_NAME)
+
+# Check if the curl command was successful
+if [ $? -ne 0 ]; then
+    echo "Error: Failed to fetch artifacts."
+    exit 1
+fi
+
+# Check if the artifact from the specified workflow run ID exists
+echo "Checking ${PKG_NAME} package is generated for workflow run ${RUN_ID}"
+ARTIFACT=$(echo "$RESPONSE" | jq -e ".artifacts[] | select(.workflow_run.id == $RUN_ID)")
+
+if [ -n "$ARTIFACT" ]; then
+    ARTIFACT_ID=$(echo "$ARTIFACT" | jq -r '.id')
+    echo "Wazuh indexer package built successfully."
+    echo "[ Artifact ID: $ARTIFACT_ID ]"
+else
+    echo "Error: Wazuh indexer package not found."
+fi

test-tools/scripts/01_check_installation.sh

@@ -0,0 +1,113 @@
+#!/bin/bash
+
+# SPDX-License-Identifier: Apache-2.0
+# The OpenSearch Contributors require contributions made to
+# this file be licensed under the Apache-2.0 license or a
+# compatible open source license.
+
+# Usage function to display help
+usage() {
+    echo "Usage: $0 <ARTIFACT_ID> <PKG_VERSION> <(Optional)PKG_REVISION>"
+    echo
+    echo "Parameters:"
+    echo "    ARTIFACT_ID    The unique ID of the GHA artifact."
+    echo "    PKG_VERSION    The version of the wazuh-indexer package."
+    echo "    PKG_REVISION   (Optional) The revision of the package. Defaults to 'test' if not provided."
+    echo
+    echo "Please ensure you have the GITHUB_TOKEN environment variable set to access the GitHub repository."
+    echo
+    exit 1
+}
+
+# Check if GITHUB_TOKEN env var is set
+if [ -z "$1" ]; then
+    echo "Error: Environment variable GITHUB_TOKEN is not configured."
+    usage
+fi
+
+# Check if ARTIFACT_ID is provided
+if [ -z "$1" ]; then
+    echo "Error: ARTIFACT_ID not provided."
+    usage
+fi
+
+# Check if PKG_VERSION is provided
+if [ -z "$2" ]; then
+    echo "Error: PKG_VERSION not provided."
+    usage
+fi
+
+ARTIFACT_ID=$1
+PKG_VERSION=$2
+PKG_REVISION=${3:-"0"}
+REPO="wazuh/wazuh-indexer"
+URL="https://api.github.com/repos/${REPO}/actions/artifacts/${ARTIFACT_ID}/zip"
+
+# Detect OS and architecture
+if [ -f /etc/os-release ]; then
+    . /etc/os-release
+    OS=$(echo $NAME | tr '[:upper:]' '[:lower:]')
+else
+    echo "Unsupported OS."
+    exit 1
+fi
+
+ARCH=$(uname -m)
+# Determine package type
+case "$OS" in
+    "ubuntu" | "debian")
+        PKG_FORMAT="deb"
+        [ "$ARCH" == "x86_64" ] && ARCH="amd64"
+        # Construct package name
+        PKG_NAME="wazuh-indexer_${PKG_VERSION}-${PKG_REVISION}_${ARCH}.${PKG_FORMAT}"
+        ;;
+    "centos" | "fedora" | "rhel" | "red hat enterprise linux")
+        PKG_FORMAT="rpm"
+        # Construct package name
+        PKG_NAME="wazuh-indexer-${PKG_VERSION}-${PKG_REVISION}.${ARCH}.${PKG_FORMAT}"
+        ;;
+    *)
+        echo "Unsupported OS."
+        exit 1
+        ;;
+esac
+
+# Download the package
+echo "Downloading wazuh-indexer package from GitHub artifactory..."
+echo "(It could take a couple minutes)"
+curl -L -H "Accept: application/vnd.github+json" \
+    -H "Authorization: Bearer $GITHUB_TOKEN" \
+    -H "X-GitHub-Api-Version: 2022-11-28" \
+    $URL -o package.zip > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    echo "Error downloading package."
+    exit 1
+fi
+echo "Package downloaded successfully"
+
+# Unzip the package
+echo "Decompressing wazuh-indexer package..."
+unzip ./package.zip
+rm package.zip
+if [ $? -ne 0 ]; then
+    echo "Error unzipping package."
+    exit 1
+fi
+echo "Package decompressed"
+
+# Install the package
+echo "Installing wazuh-indexer package..."
+case "$PKG_FORMAT" in
+    "deb")
+        sudo dpkg -i $PKG_NAME
+        ;;
+    "rpm")
+        sudo rpm -i $PKG_NAME
+        ;;
+esac
+if [ $? -ne 0 ]; then
+    echo "Error installing package."
+    exit 1
+fi
+
+echo "Package installed successfully."

test-tools/scripts/02_apply_certificates.sh

@@ -0,0 +1,78 @@
+#!/bin/bash
+
+# SPDX-License-Identifier: Apache-2.0
+# The OpenSearch Contributors require contributions made to
+# this file be licensed under the Apache-2.0 license or a
+# compatible open source license.
+
+# Function to display usage help
+usage() {
+    echo
+    echo "Usage: $0 <CURRENT_NODE> <SECOND_NODE> <(Optional)CURRENT_NODE_IP> <(Optional)SECOND_NODE_IP>"
+    echo
+    echo "Parameters:"
+    echo "  CURRENT_NODE       Name of the current node"
+    echo "  SECOND_NODE        Name of the second node"
+    echo "  CURRENT_NODE_IP    IP address of the current node (optional, defaults to CURRENT_NODE)"
+    echo "  SECOND_NODE_IP     IP address of the second node (optional, defaults to SECOND_NODE)"
+    echo
+    exit 1
+}
+
+# Check if at least two arguments are provided
+if [ $# -lt 2 ]; then
+    usage
+fi
+
+# Assigning variables
+CURRENT_NODE=$1
+SECOND_NODE=$2
+CURRENT_NODE_IP=${3:-$CURRENT_NODE}
+SECOND_NODE_IP=${4:-$SECOND_NODE}
+CONFIG_FILE="/etc/wazuh-indexer/opensearch.yml"
+BACKUP_FILE="./opensearch.yml.bak"
+
+# Backup the original config file
+echo "Creating a backup of the original config file..."
+cp $CONFIG_FILE $BACKUP_FILE
+
+# Replace values in the config file
+echo "Updating configuration..."
+sed -i "s/network\.host: \"0\.0\.0\.0\"/network.host: \"${CURRENT_NODE_IP}\"/" $CONFIG_FILE
+sed -i "s/node\.name: \"node-1\"/node.name: \"${CURRENT_NODE}\"/" $CONFIG_FILE
+sed -i "s/#discovery\.seed_hosts:/discovery.seed_hosts:\n  - \"${CURRENT_NODE_IP}\"\n  - \"${SECOND_NODE_IP}\"/" $CONFIG_FILE
+sed -i "s/cluster\.initial_master_nodes:\n-\"node-1\"/cluster.initial_master_nodes:\n- ${CURRENT_NODE}\n- ${SECOND_NODE}/" $CONFIG_FILE
+sed -i ':a;N;$!ba;s/plugins\.security\.nodes_dn:\n- "CN=node-1,OU=Wazuh,O=Wazuh,L=California,C=US"/plugins.security.nodes_dn:\n- "CN='"${CURRENT_NODE}"',OU=Wazuh,O=Wazuh,L=California,C=US"\n- "CN='"${SECOND_NODE}"',OU=Wazuh,O=Wazuh,L=California,C=US"/' $CONFIG_FILE
+
+if [ $? -eq 0 ]; then
+    echo "Configuration updated successfully. Backup created at ${BACKUP_FILE}"
+else
+    echo "Error updating configuration."
+fi
+
+# Directory for certificates
+CERT_DIR="/etc/wazuh-indexer/certs"
+
+# Extract certificates
+echo "Creating certificates directory and extracting certificates..."
+mkdir -p $CERT_DIR
+tar -xf ./wazuh-certificates.tar -C $CERT_DIR ./$CURRENT_NODE.pem ./$CURRENT_NODE-key.pem ./admin.pem ./admin-key.pem ./root-ca.pem
+
+if [ $? -ne 0 ]; then
+    echo "Error extracting certificates."
+    exit 1
+fi
+
+# Move and set permissions for certificates
+echo "Moving and setting permissions for certificates..."
+mv -n $CERT_DIR/$CURRENT_NODE.pem $CERT_DIR/indexer.pem
+mv -n $CERT_DIR/$CURRENT_NODE-key.pem $CERT_DIR/indexer-key.pem
+chmod 500 $CERT_DIR
+chmod 400 $CERT_DIR/*
+chown -R wazuh-indexer:wazuh-indexer $CERT_DIR
+
+if [ $? -eq 0 ]; then
+    echo "Certificates configured successfully."
+else
+    echo "Error configuring certificates."
+fi

test-tools/scripts/03_check_service.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+
+# SPDX-License-Identifier: Apache-2.0
+# The OpenSearch Contributors require contributions made to
+# this file be licensed under the Apache-2.0 license or a
+# compatible open source license.
+
+# Function to check the status of the wazuh-indexer service
+check_service_is_running() {
+    systemctl is-active --quiet wazuh-indexer
+    if [ $? -eq 0 ]; then
+        echo "wazuh-indexer service is running."
+    else
+        echo "Error: wazuh-indexer service is not running." >&2
+        exit 1
+    fi
+}
+
+# Start wazuh-indexer service
+echo "Starting wazuh-indexer service..."
+systemctl daemon-reload
+systemctl enable wazuh-indexer
+systemctl start wazuh-indexer
+
+# Check if the service is running
+check_service_is_running
+
+# Stop wazuh-indexer service
+echo "Stopping wazuh-indexer service..."
+systemctl stop wazuh-indexer
+
+# Check if the service is stopped
+systemctl is-active --quiet wazuh-indexer
+if [ $? -ne 0 ]; then
+    echo "wazuh-indexer service stopped successfully."
+else
+    echo "Error: Failed to stop wazuh-indexer service." >&2
+    exit 1
+fi
+
+# Restart wazuh-indexer service
+echo "Restarting wazuh-indexer service..."
+systemctl restart wazuh-indexer
+
+# Check if the service is running after restart
+check_service_is_running

test-tools/scripts/04_cluster_initialization.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+
+# SPDX-License-Identifier: Apache-2.0
+# The OpenSearch Contributors require contributions made to
+# this file be licensed under the Apache-2.0 license or a
+# compatible open source license.
+
+# Function to display usage help
+usage() {
+    echo
+    echo "Usage: $0 <CLUSTER_IP> <USER> <PASSWORD>"
+    echo
+    echo "Parameters:"
+    echo "  CLUSTER_IP    IP address of the cluster (default: localhost)"
+    echo "  USER          Username for authentication (default: admin)"
+    echo "  PASSWORD      Password for authentication (default: admin)"
+    echo
+    exit 1
+}
+
+# Check if curl and jq are installed
+if ! command -v curl &> /dev/null || ! command -v jq &> /dev/null; then
+    echo "Error: curl and jq must be installed."
+    exit 1
+fi
+
+# Assigning variables
+CLUSTER_IP=${1:-"localhost"}
+USER=${2:-"admin"}
+PASSWORD=${3:-"admin"}
+
+# Initialize cluster
+echo "Initializing wazuh-indexer cluster..."
+bash /usr/share/wazuh-indexer/bin/indexer-security-init.sh &> /dev/null
+
+# Check if the initialization was successful
+if [ $? -ne 0 ]; then
+    echo "Error: Failed to initialize cluster."
+    exit 1
+fi
+
+# Check the Wazuh indexer status
+echo "Checking cluster status..."
+RESPONSE=$(curl -s -k -u $USER:$PASSWORD https://$CLUSTER_IP:9200)
+
+# Check if the request was successful
+if [ $? -ne 0 ]; then
+    echo "Error: Failed to connect to cluster."
+    exit 1
+fi
+
+# Parse and print the response
+INDEXER_NAME=$(echo $RESPONSE | jq -r '.name')
+CLUSTER_NAME=$(echo $RESPONSE | jq -r '.cluster_name')
+VERSION_NUMBER=$(echo $RESPONSE | jq -r '.version.number')
+
+echo "Indexer Status:"
+echo "  Node Name: $INDEXER_NAME"
+echo "  Cluster Name: $CLUSTER_NAME"
+echo "  Version Number: $VERSION_NUMBER"
+
+# Verify the Wazuh indexer nodes
+echo "Verifying the Wazuh indexer nodes..."
+NODES_RESPONSE=$(curl -s -k -u $USER:$PASSWORD https://$CLUSTER_IP:9200/_cat/nodes?v)
+
+if [ $? -ne 0 ]; then
+    echo "Error: Failed to retrieve Wazuh indexer nodes."
+    exit 1
+fi
+
+echo "Nodes:"
+echo "$NODES_RESPONSE"
+
+echo "Initialization completed successfully."